The Manager of Product Security is responsible for working with platform owners and client teams to understand their software platforms and help advise and guide proper secure development, hardening of systems, vulnerability and code canning management and assistance with SecOps and GSO (Global Security Office) groups. This member should have experience in software development, database development or network operations with a desire to expand their career in security.
Essential Duties and responsibilities:
- Learn assigned system platform. Collect and keep current all needed essential data of a platform including Data flows, Network Diagrams, Infrastructure, Software platforms, SDLC Processes and other related items.
- Collect and understand all needed platform requirements related to Compliance. This will include but not limited to PCI, SOC, NIST ISO 27001, PII, HIPAA (ePHI).
- Review and obtain a general knowledge of Privacy laws, how they affect our systems and how we maintain compliance
- Assist development teams on how to apply secure coding practices, properly scan and remediate their code using tools such as Veracode.
- Assist product team with compliance and audit information, assist during audits, assist in maintaining compliance related material
- Assist product team with risk management. With an understanding of the platform, help the product team work through questions and understanding of risks and related Risk Acceptance Document (RADs) requests.
- Assist in managing resolution of RADs during the request lifetime.
- Assist product and client teams with communicating and understanding security concerns that arise during reviews and scans. This may involve communicating with clients directly.
- Build “trust” relationships with Product and client team members, NetEng, SecOps, VMOps, GSO and other groups as needed to accomplish goals
- Understand and implement DevSecOps in product development stream
- Assist with security incidents
Required Skills:
- 5 to 7 years experience in either software development, database or network engineering
- Some understanding and desire to learn security operations
- A desire to expand and enhance communication and negotiation skills
- Ability to manage multiple tasks and follow through to complete each
- The desire to learn to build “trust relationships”
Epsilon is the leader in outcome-based marketing. We enable marketing that’s built on
proof, not promises.TM Through Epsilon PeopleCloud, the marketing platform for personalizing consumer journeys with performance transparency, Epsilon helps marketers anticipate, activate, and prove measurable business outcomes.
Powered by CORE ID,® the most accurate and stable identity management platform representing 200+ million people, Epsilon’s award-winning data and technology rooted in privacy by design and underpinned by powerful AI. With more than 50 years of experience in personalization and performance working with the world’s top brands, agencies, and publishers, Epsilon is a trusted partner leading CRM, digital media, loyalty, and email programs. Positioned at the core of Publicis Groupe, Epsilon is a global company with over 8,000 employees in over 40 offices around the world. For more information, visit epsilon.com.
Follow us on Twitter at @EpsilonMktg.
We see a world where modern marketing is built on truth, trust and transparency,
not smoke and mirrors. We want to be part of a world where consumers are
recognized and respected, privacy is protected and integrity is expected.
We enable marketing built on proof, not promises. We create robust customer
experiences that drive performance at the individual level, and help brands make
smarter decisions that drive real business outcomes.