Product Security Manager
- 6021 Connection Dr, Irving, TX 75039, USA
Epsilon is the leader in outcome-based marketing. We enable marketing that’s built on proof, not promises. Through Epsilon PeopleCloud, the marketing platform for personalizing consumer journeys with performance transparency, Epsilon helps marketers anticipate, activate and prove measurable business outcomes. Powered by CORE ID®, the most accurate and stable identity management platform representing 200+ million people, Epsilon’s award-winning data and technology is rooted in privacy by design and underpinned by powerful AI. With more than 50 years of experience in personalization and performance working with the world’s top brands, agencies and publishers, Epsilon is a trusted partner leading CRM, digital media, loyalty and email programs. Positioned at the core of Publicis Groupe, Epsilon is a global company with over 8,000 employees in over 40 offices around the world. For more information, visit epsilon.com. Follow us on Twitter at @EpsilonMktg.
The Manager of Product Security is responsible for working with platform owners and client teams to understand their software platforms and help advise and guide proper secure development, hardening of systems, vulnerability and code canning management and assistance with SecOps and GSO (Global Security Office) groups. This member should have experience in software development, database development or network operations with a desire to expand their career in security.
Essential Duties and responsibilities:
- Learn assigned system platform. Collect and keep current all needed essential data of a platform including Data flows, Network Diagrams, Infrastructure, Software platforms, SDLC Processes and other related items.
- Collect and understand all needed platform requirements related to Compliance. This will include but not limited to PCI, SOC, NIST ISO 27001, PII, HIPAA (ePHI).
- Review and obtain a general knowledge of Privacy laws, how they affect our systems and how we maintain compliance
- Assist development teams on how to apply secure coding practices, properly scan and remediate their code using tools such as Veracode.
- Assist product team with compliance and audit information, assist during audits, assist in maintaining compliance related material
- Assist product team with risk management. With an understanding of the platform, help the product team work through questions and understanding of risks and related Risk Acceptance Document requests.
- Assist in managing resolution of RADs during the request lifetime.
- Assist product and client teams with communicating and understanding security concerns that arise during reviews and scans. This may involve communicating with clients directly.
- Build “trust” relationships with Product and client team members, NetEng, SecOps, VMOps, GSO and other groups as needed to accomplish goals
- Understand and implement DevSecOps in product development stream
- Assist with security incidents
- 5 to 7 years experience in either software development, database or network engineering
- Some understanding and desire to learn security operations
- A desire to expand and enhance communication and negotiation skills
- Ability to manage multiple tasks and follow through to complete each
- The desire to learn to build “trust relationships”
Great People, Deserve Great Benefits
We know that we have some of the brightest and most talented associates in the world, and we believe in rewarding them accordingly. If you work here, expect competitive pay, comprehensive health coverage, and endless opportunities to advance your career.
Epsilon is an Equal Opportunity Employer. Epsilon’s policy is not to discriminate against any applicant or employee based on actual or perceived race, age, sex or gender (including pregnancy), marital status, national origin, ancestry, citizenship status, mental or physical disability, religion, creed, color, sexual orientation, gender identity or expression (including transgender status), veteran status, genetic information, or any other characteristic protected by applicable federal, state or local law. Epsilon also prohibits harassment of applicants and employees based on any of these protected categories.
Epsilon will provide accommodations to applicants needing accommodations to complete the application process.