Product Security Architect - Lucidworks Remote - US

Listing Description

Today’s companies collect massive amounts of digital information from the clicks and choices of individual customers and employees. Those signals are then turned into the hyper-personalized experiences that buyers and workers expect and demand. Doing this successfully, and continuously, gives users genuine delight that drives both near-term enjoyment and long-term engagement.

At Lucidworks, our solutions personalize the discovery experience to reveal actionable insights about user intent and rapidly deliver them to the relevant channels of engagement. Every organization can now make every step of the journey more satisfying. Lucidworks empowers users to connect meaningful insights from anywhere and make them available everywhere – in the moment.

Lucidworks is shaping the future of digital experiences, AI, and machine learning by reimagining the power and value of search to create all-new, human-centered experiences. Our ambitious, empowered team is focused on helping our customers meet their loftiest goals. Fusion, our advanced development platform, gives these enterprises the capabilities to design, develop, and deploy intelligent search at any scale. 

Our roots are in Solr, the global search standard used by 90 percent of Fortune 500 companies, and our team includes leading search and discovery contributors and committers as well as many of the world's foremost search and machine learning innovators. We’re serious about the impact of our products to catalyze results for our customers, and about building a team that delivers meaningful results across a growing worldwide community.

The Role 

As the Product Security Architect, you will be responsible for ensuring that Lucidworks products meet a high standard of security and compliance. You will be responsible for defining policies and procedures as well as controls and tooling for product security initiatives. Additionally, you will conduct assessments and audits to measure compliance and performance against security goals. You will also assist sales and account teams with answering security questions from prospects and customers.

Job Responsibilities
  • Define security best practices and implementation guidance for containerized software deployments in Kubernetes.
  • Establish best practices for the effective avoidance, identification, and resolution of security weaknesses in products, services, and related processes.
  • Coordinate with CloudOps team members to ensure security best practices and vulnerability management of managed products.
  • Engage with product teams as both advisor and contributing team member to build security into complex systems across the entire product lifecycle, including conducting security reviews and coordinating penetration testing.
  • Partner with engineering teams in security activities during the product lifecycle, such as secure design reviews/threat modeling, security code reviews, security test planning, and component security hardening, to identify potential security weaknesses.
  • Perform analysis and execute POV (Proof of Value) and POC (Proof of Concept) initiatives evaluating third-party and in-house security and compliance tools.
  • Help implement Secure Software Development Lifecycle (SSDLC) practices and use automation where possible.
  • Assist pre-sales teams in responding to security questions and concerns from prospects during the sales process.

Required Skills & Qualifications
  • 3+ years of related experience.
  • Bachelor's degree in software engineering or a related field, or equivalent experience; Master's degree a plus.
  • Container security experience with Docker and Kubernetes.
  • Secure software/systems development lifecycle experience. Demonstrable knowledge and experience in multiple of the following areas: Software development, SDLC, dependency management, coding, and scripting skills.
  • Strong familiarity with multiple common SCA, SAST, DAST, and IAST tools, e.g., OWASP, Synopsys, Qualys, SonarQube, JFrog Xray, Coverity, WhiteSource, Checkmarx, Veracode, Snyk, and similar.
  • Application or system hardening, Security Testing / Penetration Testing, Fuzzing, Cloud security, Cryptography, Forensics, or reverse engineering.
  • Knowledge of common security standards and best practices, such as NIST 800-53/800-160, ISO 270xx, CWE, CVSS, OWASP Top 10, CERT Secure Coding Standards.
  • Prior or current involvement in industry security initiatives such as IETF, OWASP, ISO, CWE, BSIMM, Cloud Security Alliance, or any open-source project related to security.
  • Experience with performing security requirements analysis to secure the deployment of large globally distributed cloud-based platforms.

Even better if you have:
  • Experience with storage technologies such as GCS, and with networking: VPC, IDS/IPS, WPA, firewalls, reverse proxies, load balancers, security groups/lists.
  • Experience with IT security frameworks such as NIST, ISO 27001, PCI DSS, FedRAMP.
  • Certified Software Security Lifecycle Professional (CSSLP), Certified Information Systems Security Professional (CISSP) certification, SANS GIAC Certified Incident Handler (GCIH), or SANS GIAC Certified Penetration Tester (GPEN) or equivalent certification.
  • One or more of the following certifications: AWS Certified Solutions Architect (professional), AWS Certified Security (Specialty), CSA Certificate of Cloud Security Knowledge (CCSK), ISC2 Certified Cloud Security Professional (CCSP), CISSP.

What we're looking for:
  • Resourcefulness: willing to jump in, work with both opportunity and constraint, and leverage existing resources to accomplish goals
  • Team player: confident in collaborating with a diverse community of people and personalities across geographies, backgrounds, and professional abilities
  • Outstanding interpersonal and written communication skills
  • Empathy and care for all stakeholders of Lucidworks, including employees, executives, customers, partners, and guests 
  • Competitive compensation package includes base + annual bonus (paid semi-annually) and equity.
    Estimated base range $185,000 to $225,000 dependent on candidate's skills, experience and expertise.

    About Lucidworks
     
    Lucidworks is leading digital transformation for some of the world's biggest retailers, financial services firms, manufacturers, and healthcare providers. By fusing the power of search and AI, Lucidworks creates connected experiences for shopping, work, research, and support. Brands like Lenovo, Reddit, and Red Hat rely on Lucidworks to power personalized experiences that delight customers and empower employees.
     
    Lucidworks Products:
    Build AI-Powered Search and Data Apps

    Our new SaaS platform that powers applications to capture and manage user insights so you can maximize every digital moment.

    Give your website the best relevancy with an easy-to-use platform anyone can manage.

    Say goodbye to zero results searches

    Faster self-serve for customers and contact centers
     
    Lucidworks believes in the power of diversity and inclusion to help us do our best work. We are an Equal Opportunity employer and welcome talent across a full range of backgrounds, orientation, origin, and identity in an inclusive and non-discriminatory way. Applicants receive consideration based on the relevant talents, skills, and experiences they offer to our company. Thank you for your interest and we look forward to learning more about you.

    We want working at Lucidworks to benefit you. That’s why we cover 100% of our employees’ healthcare premiums, worldwide, and generously fund premiums for dependents. With medical, dental, vision, and other forms of wellness, we provide a solid baseline and actively explore what else we can offer. We believe in the importance of parental leaves, work-life balance, flexible work schedules, and support for you working from home, one of our offices, or the mix that works for you. Get to know our benefits and the message is clear: we care about your wellbeing because we care about you.

    • Employer Paid Healthcare
    • Generous PTO and Time Off
    • Paid Maternity and Parental Leave
    • Flexible Team Work - home, office or hybrid

    COVID Vaccination:
    Lucidworks policy requires employees to be vaccinated before they visit an office.
    We are a remote-first company, but in certain positions where office attendance is deemed to be essential to the role, offers of employment shall be conditional upon proof of vaccination or exception.

