Product Security Architect (SRO)
Round Rock, TexasJob ID R76930 Date posted May. 21, 2019
Product Security Architect
Round Rock, Texas
Dell is the world’s largest technology company, helping people with their digital transformation journey and changing society as we know it in the process. Voted among the world’s most ethical companies and included on Fortune’s list of most admired companies, we seek men and women who share our values and want to participate in transforming the way people live and work through technology.
The Product Security Architect, Dell Technologies Services (DT Services) has the broad responsibility to provide technical oversight across diverse software application ecosystems encompassing a large number applications that enable proactive, predictive, and remote deployment, support, and management of computer technology.
The Product Security Architect will work across a large, globally dispersed engineering organization of software development professionals to architect and drive standardization on secure software system architectures, drive system level threat modeling across DT Services engineering and beyond into other Dell Technologies engineering organizations, and in partnership with central SRO Product and Application Security (PAS) teams will ensure remote support applications are developed with an ever evolving and increasing level of software security and resiliency built into products in the design and requirements stages.
This position will direct report to the SRO Business Unit Security Officer and Head of Security for DT Services.
The ideal candidate will be adaptable and forward-leaning, and always looking for ways to enable the business in a compliant, secure, and resilient manner.
- Working with the central SRO Product and Application Security team and with deep knowledge of the applications developed in the DT Services business will take high level design requirements and translate them into actionable security reference architectures and related for DT Services engineering teams.
- Will work with DT Services engineering leadership to identify and roadmap security feature development and capability needs, exceeding customer security and trust expectations and aligned with changing service business model.
- Will provide technical security review of potential technology or business acquisitions proposed in the DT Services business to ensure proposed acquisitions are aligned with security roadmap.
- Will work with DT Services engineering, legal, procurement, partners to ensure software development service and technology procurement is secure and Dell customers, IP, and brand is protected.
- Working with the Product Security Governance PM will ensure DT Services Security Champions are aligned across dispersed development teams and oriented to system level security architecture.
- Working with the Product Security Remediation PM will ensure technical dependencies in software vulnerability remediation between DT Services products and technologies are identified and addressed.
- Will work with partners in DT Services to scope out penetration tests and related software security validation tests, performed by third parties, to ensure statements of work are appropriate.
- Will make recommendations regarding product end of life based upon unsupportable or increasingly more vulnerable operating systems, third party components, open source or other vulnerabilities.
- Recommends actions and program changes to drive continuous improvement of SRO PAS program and better align SRO PAS services and resources to DT Services engineering and product development needs.
Critical Hiring Criteria
- Requires 12+ years of related experience in a professional role with a Bachelor’s degree; or 8+ years with a Master’s degree; or 5+ years with a PhD; or equivalent experience. Computer Science, Management Information Systems, Engineering, or other technical field of study preferred.
- Ability to operate effectively in a fast-paced environment with competing and shifting priorities
- Ability to work collaboratively and effectively as part of a larger matrixed organization
- Ability to confidently and effectively present complex technical topics to senior non-technical audiences
- Experience conducting threat modeling across application ecosystems and between software platforms
- Experience designing system level software security architectures for technology products
- Experience taking security policy statements and high-level design documents to create actionable security reference architectures which can be leveraged at scale by development teams preferred
- Experience building security into software applications used in the intake, processing, and alerting of telemetry data used in support and service operations preferred
- Certified Secure Software Lifecycle Professional (CSSLP), Offensive Security Cybersecurity Professional (OSCP), Certified Ethical Hacker (CEH), or related professional certification is preferred
- Excellent written and verbal communication skills, technical writing experience preferred
- Results-driven and accountability-minded
- Travel, some international, expected to be <10%
Dell is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity and/or expression, national origin, protected veteran status, disability, genetics, or citizenship status (when otherwise legally authorized to work) and will not be discriminated against on the basis of such characteristics or any other status protected by the laws or regulations in the locations where we operate. Dell encourages applicants of all ages.