Technical Program Manager, Security
- San Francisco, CA, USA
Optimizely is the world’s leading experience optimization platform, providing website and mobile A/B testing and personalization for the world’s leading brands. The platform’s ease of use and speed of deployment empowers organizations to conceive of and run experiments that help them make better data-inspired decisions. Optimizely meets the diverse needs of thousands of customers worldwide looking to deliver connected experiences to their audiences across channels. To date, those customers have created and delivered more than 700 billion optimized visitor experiences.
Security is in the foundation of over 3000 customers’ trust in Optimizely. In this role, you will lead our software security program that facilitates security being baked into all of the products and infrastructure built at Optimizely. The responsibilities are a blend of security engineering, software engineering and project management. If you’re a security engineer looking to get into a leadership position, this is a great opportunity for you to have impact across an entire engineering organization and build a world-class software security program.
Lead the software security program in Optimizely Engineering- ensure that security is baked in to everything we build at every step of the software development lifecycle
Grow a culture of security in Engineering - we do fun things like security happy hours, pizza and t-shirts
Maintain our software security awareness program and ensure 100% of engineers stay informed annually of top security risks and best practices
Create security policy, standards, procedures and guidelines for engineering
Perform security reviews of PRDs and technical design documents
Measure and grow security maturity across engineering
Triage security issues and provide recommended fixes
Facilitate independent security assessments and penetration tests
Evaluate new tools, processes, and frameworks; Drive adoption of the best ones
Review and respond to new security threats
Software engineering background. You may not be coding every day, but you will need to be comfortable reviewing and discussing code with software engineers
Familiarity with cloud security, particularly AWS Security concepts
Experience with security activities throughout the software development lifecycle- design reviews, threat modeling, code reviews, tooling, penetration testing, incident response
Able to influence without authority and have excellent teamwork skills
Exceptionally clear communication skills- you'll need to communicate effectively and build relationships with all levels and roles at Optimizely
Implementing software security programs like the Security Development Lifecycle
Discussing security with customers
Implementing controls for information security compliance programs including PCI, ISO 27001 and SOC 2
Worked in a fast growth startup environment
All your information will be kept confidential according to EEO guidelines.