Product Security Architect

Posted 5 months agoViewed

💎 Seniority level: Senior, 8+ years

📍 Location: Ireland

🔍 Industry: Revenue Intelligence Technology

🏢 Company: Gong.io

🗣️ Languages: English

⏳ Experience: 8+ years

🪄 Skills: AWSLeadershipSoftware DevelopmentGCPAzureCommunication SkillsCollaborationCI/CD

8+ years of experience in Information Security.
Extensive experience in designing, implementing, and managing security architectures for complex applications.
Deep understanding of application security principles, frameworks, and standards (e.g., OWASP, NIST).
Strong knowledge of authentication, authorization, encryption, and other security protocols.
Hands-on experience designing and building secure web/mobile applications, systems, or networks.
Familiarity with security methodologies and industry standards (e.g., ISO27001, PCI-DSS, GDPR).
Proficiency in secure software development practices, including SSDLC and DevSecOps.
Experience securing Cloud environments (AWS, GCP, Azure) and networks.
Ability to conduct risk assessments, threat modeling, and vulnerability assessments.
Experience in conducting security reviews, code audits, and threat modeling.
Excellent communication skills to convey security concepts effectively.
Proven leadership skills to mentor and guide security team members.
Strong collaboration skills to work with cross-functional teams.

Design secure systems and conduct threat modeling for new and existing features.
Review, identify, and mitigate security risks in architecture, applications, and infrastructure levels.
Perform regular security assessments and audits to identify vulnerabilities and ensure compliance with security standards.
Develop, maintain, and audit information security policies and guidelines.
Actively influence the product and services roadmap and security implementation.
Continually improve Secure Development Lifecycle (SDLC) practices within R&D and Product units.
Integrate security best practices into CI/CD pipelines and development workflows.
Ensure effectiveness of processes and controls to meet various standards, regulations, and audits.
Provide guidance and mentorship to development teams on secure coding practices and principles.
Collaborate with cross-functional teams to ensure security integration into R&D.
Communicate security risks and recommendations effectively to stakeholders.
Review new tools and processes to detect security threats.
Generate regular reports on security posture, vulnerabilities, and compliance status.