Director Of Product Security

3 Months ago • All levels

Job Summary

Job Description

Varonis is looking for a Director of Product Security to join the R&D organization and take full ownership of product security initiatives. This role involves spearheading the development and implementation of a comprehensive security strategy, encompassing both SaaS and on-premises solutions. The role requires managing internal and external risks, ensuring compliance, integrating security into the software development lifecycle, managing vulnerabilities, and conducting cloud security assessments. The candidate will work closely with R&D groups and lead compliance gap analysis.

Must have:

Manage security teams and lead managers and architects.
Collaborate with cross-functional departments and senior leadership.
Experience in security architecture, software development, and cloud security.
Experience in Product security, penetration testing and threat modeling.
Experience in public cloud services - IaaS, PaaS, SaaS across AWS, Azure and GCP.

Good to have:

Experience in Software development or Engineering leading roles.
Relevant certifications such as OSCP, CISSP, CISM, CCSP – advantage
Experience leading large security teams within a SaaS organization.
Experience as a CISO

11 skills required

11 skills required for this role

Add these skills to join the top 1% applicants for this job

saas-business-models

cross-functional

risk-management

risk-assessment

game-texts

ethical-hacking

cryptography

linux

aws

azure

cloud-security

Job Details

Summary

Data has never been more valuable and vulnerable. As cybercriminals become more sophisticated and regulations become stricter, organizations struggle to answer one key question: “Is my data safe?”

At Varonis, we see the world of cybersecurity differently. Instead of chasing threats, we believe that the most practical approach is to protect data from the inside out. We’ve building the industry’s first fully autonomous data security platform to help our customers dramatically reduce risk with minimal human effort.

At Varonis, we move fast. We’re an ultra-collaborative company with brilliant people who care deeply about the details. Together, we’re solving interesting and complex puzzles to keep the world’s data safe.

We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you.

We are looking for a Director of Product Security to join our R&D organization and take full ownership of Varonis product security initiatives. In this key leadership role, you will spearhead the development and implementation of our comprehensive security strategy, encompassing both SaaS and on-premises solutions.

Responsibilities:

Develop and lead the strategic vision to manage both internal and external risks associated with Varonis products and solutions.
Proactively advise the business on how to maintain compliance with appropriate regulatory or industry best practices.
Drive secure development lifecycle and integration of security features into all phases of software design and development, including advising on proper software architecture security standards.
Vulnerabilities management - Identify and facilitate remediation of application and cloud platform exposures and vulnerabilities, including implementation of relevant systems and tools for these purposes.
Conduct cloud security strategy, readiness and discovery assessments; be familiar with cloud security frameworks, compliance requirements and security operations
Research new application security tools and technologies as requested and evaluate options that enhance security capabilities.
Lead compliance gap analysis and implementation (such as SOC2, SOC3, FedRAMP)
Work closely with R&D groups - Dev teams, Platform, DevSecOps and DevOps teams, to enhance application and platform security on all layers, including monitoring and enforcement.
Conduct periodic pen testing against our Saas Platform components.

Job Requirements:

- Extensive experience in managing security teams and leading other managers and architects - managerial experience of 5+ years
- Experience collaborating with cross-functional departments, including senior leadership and C-level executives.
- Extensive experience in security architecture, software development, and public cloud or SaaS platform security.
- Experience in Product security, Penetration testing and threat modeling.
- Vast Experience in public cloud services - IaaS, PaaS, SaaS across AWS, Azure and GCP.
- Experience in securing Cloud based environments and complex topologies.
- Working in large engineering organization (at least 100 engineers) responsible for a SaaS offering.
- Experience with TLS \ Cryptography, Authentication technologies, IDP / SAML, WAF / Firewalls / Network security and Windows and Linux Security.
- Thorough understanding of cybersecurity frameworks, such as NIST CSF, CIS CSC, etc.
- Experience with implementing and maintaining cloud security tools and tech such as CSPM, EDRs, SIEM, SOC tools and more.
- Experience with web & application security, familiar with OWASP frameworks, solutions, and initiatives
- Experience with security solutions such as DB Firewalls, Vulnerability scanners, and RASP/DAST/SAST solutions.
- Experience in implementation of Secure Development LifeCycle
- Coordinate, participate and deliver threat modeling for given ew designs and architectures.
- Educate key stakeholders on program, risks, and importance of security in Varonis products & solutions.
- Work with the business to identify, capture, escalate, and close security vulnerabilities found in Varonis products.
- Leverage tools to deliver vulnerability information back to the development organization for remediation.
- Coordinate security risk assessments for new products & solutions through the risk assessment team

Advantages:

Experience in Software development or Engineering leading roles.
Relevant certifications such as OSCP, CISSP, CISM, CCSP – advantage
Experience leading large security teams within a SaaS organization.
Experience as a CISO

We invite you to check out our Instagram Page to gain further insight into the Varonis culture!

@VaronisLife

Varonis is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristics.

#LI-Hybrid