Micro Focus is one of the world's largest enterprise software providers, delivering the mission-critical software that keeps the digital world running. We combine pragmatism, discipline, and customer-centric innovation to deliver trusted, proven solutions that customers need in order to succeed in today's rapidly evolving marketplace.That's high tech without the drama. www.microfocus.com
About the Role
The Application Security Leader is responsible for providing security expertise and governance for delivery of Micro Focus products in both SaaS and licensed applications. The Application Security Leader will gain familiarity with Microfocus products and ensure products are delivered with the appropriate security controls as required by industry, customer, legal and regulatory standards and agreements.
The Application Security Leader will:
provide product security governance and expertise to support secure product delivery for six product groups, 300+ products, 3500+ software engineers, and more than 200 security practitioners
manage Secure Development Lifecycle (SDL); modeled using characteristics from OWASP SAMM (Software Assurance Maturity Model), BSIMM (Building Security In Maturity Model), and Microsoft Security Development Lifecycle
Responsible for deployment of SDL across R&D organizations and adoption of 13 security practices
coordinate policy approval with stakeholders, including product groups, Cyber Security, and Legal
Review security gate-related metrics and negotiate with product group security leads on an as-needed basis on mitigation strategies for resolving outstanding issues; formulate PSec position recommendation on release go/no-go
Support business development and sales by evaluating and responding to Requests for Information (RFIs), Requests for Proposal (RFPs), Standardized Information Gathering (SIG) questionnaires, and tailored security attestations
Support sales opportunities with thought leadership; maintain market presence via papers, blogs, and conferences
Host meetings in APJ/EMEA and AMS time zones to promote the education, awareness, and professional development of the PSec Community, which includes security champions, security leads, security pre-sales, and pro services
Maintain knowledge of security features for Microfocus products
Maintain familiarity with organizational security policies and standards
Provide RFP responses to security questions during presales
Respond to customers security questionnaires and surveys
Assist in response to customer audits
Advise product teams on alternative or compensating controls as needed
Report gaps or issues noted in responding to security questionnaires
Education and Experience Required:
At least 10 years equivalent experience in application security and software security compliance
Undergraduate degree or equivalent qualification in Information Technology, Information Security or related field, or relevant industry knowledge and experience
Familiarity with cybersecurity frameworks and standards such as ISO27001, SOC 2, NIST
Professional certification such as CISSP, CISM, etc. a plus
Skills and Knowledge Required:
Experience with security audits a plus
Proficient with Microsoft Office suite (Word, Excel, PowerPoint) & Share Point
Oral and written communication skills with the ability to present and discuss technical information in a way that is understandable for non-technical audiences
Ability to collaborate with technical and project teams across multiple business functions
Problem solving and analytical ability
Strategic thinking and relationship management
Skilled in time management and coordinating multiple priorities
Skilled in planning, problem solving, analysis, collaboration, and communication
If you want to be part of what's next andfind out more about ouravailable opportunities, visitMicro Focus Careers.
#DiceSD
#LI-SD1
#LI-Remote
Job:
Services
Micro Focus is proud to be an Equal Opportunity Employer. Prospective employees will receive consideration without discrimination because of race, colour, religion, creed, gender, national origin, age, disability, marital or veteran status, sexual orientation, genetic information, citizenship or any other legally protected status
