Job Description

**Introduction** A career in IBM Software means you'll be part of a team that transforms our customer's challenges into solutions. Seeking new possibilities and always staying curious, we are a team dedicated to creating the world's leading AI-powered, cloud-native software solutions for our customers. Our renowned legacy creates endless global opportunities for our IBMers, so the door is always open for those who want to grow their career. IBM's product and technology landscape includes Research, Software, and Infrastructure. Entering this domain positions you at the heart of IBM, where growth and innovation thrive. **Your role and responsibilities** HashiCorp, an IBM Company (HashiCorp) solves development, operations, and security challenges in infrastructure so organizations can focus on business-critical tasks. Our open source software is used by millions of users to provision, secure, connect, and run any infrastructure for any application. The Global 2000 uses our enterprise software to accelerate application delivery and drive innovation through software. We are looking for a Product Security Manager to help scale our product security function, which works closely with engineering & product management to ensure that security is appropriately addressed across the HashiCorp suite of cloud and self-managed products. Security at HashiCorp is a remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy. In this role, your responsibilities will include: * Oversee and contribute to product-specific and program-level security initiatives and activities being undertaken by members of the Product Security team. * Work across various product and engineering teams to prioritize security features and bugs, and ensure implementation and mitigations. * Lead and grow a team of high-performing security engineers. * Develop roadmaps, track progress, and evaluate team / functions performance * Provide mentorship, support, and career development opportunities for team members and enable the team to scale. * Be a subject matter authority and have strategic influence * Assist leadership to develop strategic plans and long-term roadmaps * Monitor threats and vulnerabilities impacting HashiCorp products and services; triage reported vulnerabilities, identify mitigations and assess/communicate associated risk. * Plan & oversee security assessments (dynamic testing, static testing, code review, etc) and threat modeling of HashiCorp's products, services, and associated cloud infrastructure. * Manage design & implementation of security solutions across the product life-cycle, such as standalone security tools, CI/CD pipeline integrations, product security features/fixes, etc. * Act as SME on multiple information security areas (e.g. security architecture, application security, threat modeling etc.) **Required technical and professional expertise** * 6+ years of work experience in product security, application security, or broader security engineering areas * Demonstrated managerial aptitude & leadership skills * Ability to prioritize and track multiple projects in parallel * Ability to engage with stakeholders and communicate asks / status / gaps * Demonstrated technical experience across related security disciplines **Preferred technical and professional experience** * Product / service architectures in modern cloud environments (IaaS, SaaS, PaaS). * Amazon Web Services (AWS), Microsoft Azure, and/or Google Cloud Platform (GCP). * Modern engineering practices, processes, and tools, particularly related to the Go programming language and ecosystem. * Secure development practices, and integration into broader engineering activities. * Secure operations practices, specifically wrt. cloud environments. * Application and infrastructure security testing methodologies and tools. * Security design / architecture and threat modeling. * Vulnerabilities (old and new), and options for defense / mitigation. * Product vulnerability management lifecycle. * Security audits, penetration tests, and/or bug bounty programs. * Cryptography and cryptographic libraries. IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Job Tags

Work experience placement, Remote work,

Similar Jobs