Job Title:
Director, Engineering SecurityAbout Skyhigh Security:
Skyhigh Security is a dynamic, fast-paced, cloud company that is a leader in the security industry. Our mission is to protect the world’s data, and because of this, we live and breathe security. We value learning at our core, underpinned by openness and transparency.
Since 2011, organizations have trusted us to provide them with a complete, market-leading security platform built on a modern cloud stack. Our industry-leading suite of products radically simplifies data security through easy-to-use, cloud-based, Zero Trust solutions that are managed in a single dashboard, powered by hundreds of employees across the world. With offices in Santa Clara, Aylesbury, Paderborn, Bengaluru, Sydney, Tokyo and more, our employees are the heart and soul of our company.
Skyhigh Security Is more than a company; here, when you invest your career with us, we commit to investing in you. We embrace a hybrid work model, creating the flexibility and freedom you need from your work environment to reach your potential. From our employee recognition program, to our ‘Blast Talks' learning series, and team celebrations (we love to have fun!), we strive to be an interactive and engaging place where you can be your authentic self.
We are on these too! Follow us on LinkedIn and Twitter@SkyhighSecurity.
Role Overview:
The Director of Engineering Security is responsible for policy, implementation and operation of the secure development lifecycle within a globally distributed engineering function. They will manage a small team responsible for the implementation and operation of security tooling, the delivery of best practice, process monitoring and internal auditing.About The Role:
The Director of Engineering Security is responsible for policy, implementation and operation of the secure development lifecycle within a globally distributed engineering function. They will manage a small team responsible for the implementation and operation of security tooling, the delivery of best practice, process monitoring and internal auditing.
Key Accountabilities:
Define and own the Secure Development Lifecycle policy and process Embed a secure by design culture within the organization Build security communities and a network of security champions Own and operate the security toolchain within the Engineering group Establish training programs to ensure engineers are equipped with the necessary and up-to-date security foundations Work with operations to ensure penetration tests and scans are completed in accordance with established policy. Work with Engineering teams to ensure remediations are processed in accordance with the policy Work with CISO functions to ensure standard joined-up security incident management handling system is in place Establish appropriate monitoring of Skyhigh SaaS products Regular exec-level reporting Assist the Skyhigh compliance function with the maintenance of SOC, ISO, FedRAMP and other certifications Undertake threat modelling and prioritize security practices accordinglyAbout You:
Experience implementing a Secure Development lifecycle with associated toolchain for a SaaS product business Working knowledge of ISO, SOC and any other regulations desirable Well versed in security frameworks such as MITRE ATT&CK®Experience working with globally distributed teams in Europe, America and IndiaStrong influencing skillsCompany Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
Retirement PlansMedical, Dental and Vision CoveragePaid Time OffPaid Parental LeaveSupport for Community InvolvementWe're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.