portal resources jobs companies c couchbase, inc. senior manager - product/application security

Senior Manager - Product/application Security 🔥


The Product/Application Security - Sr. Manager is a highly visible role and will be responsible forestablishing secure SDLC practices including threat modeling and security testing to ensure thedelivery of secure product releases. You will evaluate application environments to ensure they arebeing designed and deployed in compliance with industry standards and best practices. You willcollaborate closely with Product Management, Engineering, SRE, Project Managers and others, indetermining and ensuring that security requirements for product releases are met as part of allphases of the secure software development lifecycle (SDLC) process You are a software developer at heart with a strong passion for security who will be regarded asthe SME for all things Product Security. You will work with multiple engineering teams tostandardize, implement and enhance product security. You will take an active role in training andspreading awareness to help build a security first culture. You will be responsible to supportapplication security tool deployments and recommend improvements on the tools and processesestablished within our application security framework to increase efficiency and mature theprogram. There will be frequent exposure to senior management

Key Responsibilities:

  • Perform security software architecture review and integrate threat modeling and abuse cases into the SDLC; Advise and implement secure software architecture patterns.
  • Drive the development and implementation of standard security review processes across the company that result in effective methods for reducing security risks before product releases.
  • Integrate application security tools within existing development, build and deployment
  • processes.
  • Conduct dynamic & static code scan reviews and run-time tests. 
  • Assist with the planning and execution of application penetration tests. 
  • Interface and collaborate with Engineering, Cloud and SOC teams during security
  • incidents.
  • Define and enforce IAM guidelines. 
  • Champion the remediation of security vulnerabilities in the products within define SLAs.
  • Assist in completing RFP security questionnaires
  • Define and establish a bug bounty program

Qualifications:

  • BS in Computer Science, Information Security, or a related field
  • 6-8+ years’ experience focused in the areas of software engineering, application security, cloud security and related disciplines
  • Solid understanding of current secure coding principles (e.g., OWASP Top10, OWASP SAMM) and Agile software development practices. 
  • Familiarity with a variety of software development & automation tools (e.g., GitHub, Jira, Jenkins, Qualys, SonarCube, Veracode, BlackDuck etc.)
  • A good understanding of threat modeling and how to mitigate application security
  • risks.
  • Knowledge of vulnerability management including CVSS scoring and CVEs across open source and third-party software and supply chains.
  • Strong understanding of various types of cloud service models (IAAS, PAAS, SAAS).
  • In Addition, good understanding of security features in AWS, Azure and GCP Infrastructure.
  • Good understanding of SSO, including OAUTH, SAML, Database and Mobile security experience a plus.
  • Industry Certifications such as CISSP, CISM, AWS Certified Security, Azure Security, Google Cloud Security Engineer are considered a plus.
  • Highly effective written and oral communication skills.
  • Strong project management skills and ability to work independently on engagements.
#LI-RemoteCA#LI- AS2
About CouchbaseAt Couchbase, we believe data is at the heart of the enterprise. We empower developers and architects to build, deploy, and run their most mission-critical applications. Couchbase delivers a high-performance, flexible and scalable modern database that runs across the data center and any cloud. Many of the world’s largest enterprises [1] rely on Couchbase to power the core applications their businesses depend on. 
As a 2021 Bay Area Best Places to Work [2] winner, Couchbase recognizes the need for time off when you need it. Enjoy unlimited time off (DTO), matching 401K contributions, ESPP and many other amazing benefits [3]. See more of our recent awards [4] to learn what makes Couchbase such a great company to work at. 
Learn more about Couchbase and our technical capabilities:
* Compare Couchbase vs. MongoDB [5]* Compare Couchbase vs. Oracle [6]* Browse the Developer Portal [7]



Couchbase is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
By using this website and submitting your information, you acknowledge our Candidate Privacy Notice [8] and understand your personal information may be processed in accordance our Candidate Privacy Notice.

  1. https://www.couchbase.com/customers
  2. https://blog.couchbase.com/couchbase-is-a-2021-best-place-to-work/
  3. https://www.couchbase.com/careers#benefits
  4. https://www.couchbase.com/about#awards
  5. https://www.couchbase.com/comparing-couchbase-vs-mongodb
  6. https://www.couchbase.com/comparing-couchbase-vs-oracle
  7. https://developer.couchbase.com/
  8. https://www.couchbase.com/candidate-privacy-notice

Let us send you new openings similar to Senior Manager - Product/application Security straight to your Inbox. Weekly or Daily. 7-day free trial đź’Ś

The ability to work remotely increases employee happiness by 20 percent.