Head of Product Security Assurance

Finastra UK
in London, United Kingdom
Permanent, Full time
Competitive
What will you contribute?

Finastra has a broad range of products which were developed in isolation over many years. The Head of Product Security Assurance will drive the security requirements and their adoption consistently across products, while ensuring alignment with the company's strategy, regulations, and various trends in the financial services industry. The individual will lead a global team of security engineers, penetration testers, and security researchers, and will report directly to the Head of Product & Data Security.

Responsibilities & Deliverables:
Your deliverables will include, but are not limited to, the following:
  • Build and lead a high-performing security team by successfully mentoring, coaching and motivating team members from various cultures.
  • Assist in the definition of the strategy for overall Product and Data security, focusing on security testing, secure coding and vulnerability management.
  • Enhance and maintain the product security assurance standard, process and guidelines.
  • Work with product engineers, architects and developers to embed the product security assurance program in the software development lifecycle.
  • Work with DevOps to integrate security testing tools into the DevOps pipeline.
  • Work with the Global Services teams to address the security issues raised by the clients.
  • Support the Sales teams to fill out RFPs and RFQs about Finastra's product security posture.
  • Partner with the lines of business to understand our clients' security needs and the marketplace security standards.
  • Identify and evaluate security testing tools such as SAST, DAST, IAST and SCA.
  • Manage vendors that provide security testing tools and penetration testing services.

Required Experience:
  • Previous experience in leadership roles within global organizations, ideally across multiple geographies and cultures.
  • Strong knowledge of software development methodologies and lifecycles.
  • Expert knowledge of integrating security testing tools into DevOps pipelines, e.g. defining what goes into build versus release pipelines.
  • Expert knowledge of web application security, web services and mobile application security.
  • Experience with static code review tools (Veracode, Fortify, CheckMarx, Coverity, etc.).
  • Experience with software composition analysis tools (WhiteSource, BlackDuck, Veracode, etc.).
  • Experience with security testing tools (Burp Suite, Appscan, WebInspector, SQLMAP, Kali, etc.).
  • Working knowledge of IDM, IAM and AAA (SAML, OpenID, OAuth).
  • Working knowledge of networking protocols and cryptography.
*************************************************************************************************************

The above statements describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential job functions. If you need assistance or an accommodation due to disability, please contact your recruitment partner.

*************************************************************************************************************