Staff Product Security Architect

Staff Product Security Architect

The Staff Product Security Architect is responsible for communicating the security requirements for Diligent products. This person understands Cyber Security challenges related to software and cloud architecture and provides guidance to engineering and development teams. Reporting to the Director, Application Security, this person will serve as a strategic security partner to both Product and Engineering leadership. As a key security stakeholder to the Engineering and Product Management organizations, this role's primary objective is to clearly communicate security requirements for developers, engineers, and product managers and to ensure that Diligent products are architected and deployed in a secure manner.

This role requires good analytical, organizational and communication skills (internal, external, and to various levels of leadership), highly developed problem solving and project management skills.

Key Responsibilities

• Provide Cyber Security subject matter expertise in documenting, implementing, and communicating product security concepts, requirements, and policies to the Engineering and Product Management teams.
• Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed by various teams and recommend enhancements where needed through threat modelling or security reviews.
• Collaborate with the Product and Engineering teams to prioritize security features and the remediation of security findings.
• Perform industry research as necessary to support feature development and program maturity.
• In collaboration with Risk Management team, perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
• Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
• Create and maintain product related security architecture documentation, standards and guidelines as needed.

Required Experience/Skills

• 7+ years in Information Security related positions
• 3+ years of Security Architecture experience
• 2+ years working in Cloud Architecture (AWS/Azure/GCP)
• Proven experience embedding security into engineering processes and influencing product development
• In-depth knowledge of modern web application vulnerabilities and approaches to remediation
• An analytical mind with excellent problem-solving ability
• Outstanding communication and organization skills
• Effective use of analogies, visuals, and other techniques to tailor communications to specific audiences
• Familiarity with security frameworks (e.g. NIST Cybersecurity framework) and risk management methodologies
• Able to produce advanced reporting
• BS/BA in Computer Science or a related field or equivalent combination of education and experience

Diligent created the modern governance movement. Our world-changing idea is to empower leaders with the technology, insights and connections they need to drive greater impact and accountability – to lead with purpose. Our employees are passionate, smart, and creative people who not only want to help build the software company of the future, but who want to make the world a more sustainable, equitable and better place.

Headquartered in New York, Diligent has offices in Washington D.C., London, Galway, Budapest, Vancouver, Bengaluru, Munich, Singapore and Sydney. To foster strong collaboration and connection, this role will follow a hybrid work model. If you are within a commuting distance to one of our Diligent office locations, you will be expected to work onsite at least 50% of the time. We believe that in-person engagement helps drive innovation, teamwork, and a strong sense of community.