Head Of R&D Security

Date:  Jul 22, 2022
Location:  Israel, Petach Tikva

Job Category:  R&D
Department:  Product & Technology

Who we are:

CyberArk (NASDAQ: CYBR) is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets.

 

What you will do:

CyberArk is looking for a highly motivated Head Of R&D Security who will lead all aspects of R&D security strategy.

As part of this role, you will lead the application security of our different products, nurture and build our security staff, and drive pipeline security, the security readiness of our SaaS offerings, the security of our cloud accounts and more, based on industry security trends.

This is a unique opportunity to lead a key domain in a leading cyber security company, with high attention and visibility, bottom-up and top-down, across the organization.

  • Lead the security core team in R&D
  • Nurture, build and mentor the security staff and culture in R&D (including training for security champions, education for more roles, recruitment of experienced security members, and leading our R&D security community)
  • Be responsible for CyberArk SSDLC processes:
    • Following industry standards such as OWASP, NIST, FIPS, SANS, CIS, and more
    • Escort sensitive features, conduct threat modeling
    • Research, POC and adoption of relevant automated security tools in the pipelines (e.g. SAST, SCA, DAST, secret leakage prevention)
    • Risk assessment of our pipelines
    • Both for self-hosted and SaaS products
  • Escort R&D teams through relevant security findings / reports (raised internally / externally) / incidents: assess severity and risk, and help to find mitigations, solutions and prevention going forward.
    • In addition, work closely with CyberArk's internal Red-Teaming to conduct PTs over the year.
    • Work with external vendors to conduct external PT
  • Push and nurture the DevSecOps spirit: work closely with our DevOps units to implement security as an integral part of the dev work, with a shift-left and developer-first approach
  • Be part of security review processes as part of CyberArk due diligence initiatives.  
  • Plan cross-organizational proactive security plans:
    • Have a clear, maintained backlog and risk-driven goals
    • Be an enabler for R&D product teams to understand the risks and incorporate them into their plans vs. other commitments
  • Lead the security steering committee and update management and the audit committee on security strategy, progress, risks and goals.
  • Cloud Security - Escort the R&D groups to have the right architecture, CCM CAIQ maturity & readiness, and security of our cloud accounts (AWS, Azure, GCP)
  • Be part of the ISO / SOC2 compliance processes
  • Work in close interface with: Global R&D groups, PM Security, IT Security, Cloud Engineering, Legal, Research & Red-Team units

 

What you need to succeed:

  • 7+ years of experience in software development and at least 3 years of experience in cyber security domains
  • 4+ years of leadership / managerial experience, while also being able to deep dive into architecture / code areas when needed.
  • Highest level of responsibility, confidentiality, and risk evaluation
  • See the big picture, differentiate between risks, and know how to harness based on risks
  • Experience with leading projects and initiatives involving both managing resources and collaborating with other teams
  • Conflict eliminator, flexible, experienced in matrix leadership
  • Lead decisions under stress / with little or missing information / with risk management at all times

 

To learn more about CyberArk, visit https://www.cyberark.com, read the CyberArk blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.
