Technical Program Manager (SRO)
Austin, Texas
Job ID R13406
Date posted Mar. 06, 2019
Technical Program Manager
Location: Hopkinton, MA or Round Rock, TX
Dell provides the technology that transforms the way we all work and live. But we are more than a technology company — we are a people company. We inspire, challenge and respect every one of our over 100,000 employees. We also provide them with unparalleled growth and development opportunities. We can’t wait for you to discover this for yourself as a Technical Program Manager on our Product and Application Security team.
The Dell Security & Resiliency organization manages the security risk across all aspects of Dell’s business. We are currently experiencing incredible growth in order to meet the security needs of the world’s largest technology company. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career.
Dell is a worldwide provider of information technology services and business solutions to a broad range of clients. We seek men and women who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success.
We are currently seeking a Technical Program Manager to join Dell’s Product and Application Security team and manage our newly developed and rapidly growing third-party component risk management system, working closely with both internal engineering teams and external solution vendors in support of tactical objectives and long-term strategic goals. The ideal candidate has a background that includes some security expertise, knowledge of modern software development practices, and comfort with the current open source ecosystem.
Principal Duties and Responsibilities:
- Shapes, maintains, grows, and continuously improves an enterprise-wide service for cataloging the use of third-party software and helping teams manage the risk introduced by the same
- Works closely with stakeholders in product and application teams, our Legal department, and the Product and Application Security team to derive and prioritize business requirements for the third-party component management system
- Develops and collects key performance indicators in the areas of adoption and effectiveness of the service, and uses these to help drive priorities and shift strategies
- Integrates with Business Intelligence applications to report on collected metrics to stakeholders at multiple levels of seniority across the company
- In collaboration with technical experts within engineering teams, develops plans for and oversees integration with workflow and incident management tools to improve the effectiveness of the third-party component management system
- Documents procedures, standards, and best practices for use of the third-party component management service; with input from service consumers, continuously reviews and improves standard practices
- Acts as intermediary between Dell teams and external vendors as related to the product roadmap, feature requests, and any necessary service engagements
- Acts as a Subject Matter Expert (SME) in the area of open source and third-party software risk management, including issues of vulnerability response
- Provides requirements and insight into Dell’s third-party component management service strategy
- Helps provide support and training to vulnerability response champions, legal stakeholders, and development teams
- Bachelor's degree in Computer Science, Information Security, Risk Management, Information Systems, or a related field, or equivalent professional experience
- 8+ years of related experience, specifically in Software Engineering, Product Lifecycle Management, Engineering operations
- Knowledge of the current open source software ecosystem, commonly used open source software, and the modern development practices associated with them
- Comfort working with external vendors on areas of product roadmap, support, and education
- Experience with market-leading solutions in third-party software scanning, inventory, and vulnerability management such as Black Duck, Palamida, and FOSSology
- Exposure to Secure Development Lifecycle practices such as threat modeling, security testing, code reviews, etc.
- Exposure to security vulnerability concepts, including CVSS
- Exposure to software development CI/CD pipeline tools and current software engineering methodologies (Agile/SCRUM, DevOps)
- Exposure to Container technology and related support, and Cloud application development
- Well-organized, with the ability to prioritize tasks and deliverables and manage dynamic priorities
- Ability to communicate complex and technical issues to diverse audiences in a global organization, orally and in writing, in an easily-understood, authoritative and actionable manner
- Must be eligible to work in the US without restrictions; visa sponsorship is not available
We offer highly competitive salaries, bonus programs, world-class benefits, and unparalleled growth and development opportunities — all to create a compelling and rewarding work environment.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics.