Product Security Architect Manager - San Mateo, CA
Guidewire serves a global community of more than 350 insurers of all sizes and lines of business in more than 30 countries. Community feedback enables us to stay at the forefront of what is happening all over the world in P&C and to incorporate insights into the design of our platform to be truly customer centric.
As a Product Security Architect Manager on the Product Development team, you will:
- As the technical leader of the Product Security team, drive overall product security architecture.
- Mentor the existing team of product security architects and grow the team to meet the needs of the business.
- Integrate security into Guidewire's SDLC. Provide direction and guidance to Dev, QA and DevOps teams on secure application development, testing and deployment strategies. Conduct security design reviews and code reviews of application features and functionality.
- Perform technical security assessments and threat modeling of our web applications, web services, databases, messaging, and other components. Provide remediation solutions when necessary.
- Be the product development liaison to the CISO and his team
- Provide security domain expertise to leaders across the entire Guidewire organization
- Work with Guidewire's CISO, Compliance, and Corporate IT Security team to ensure Guidewire's companywide security and compliance objectives are met
- Work with the rest of the Product Security team to manage Guidewire's day-to-day product security operations and incident response process
- Occasionally work with Guidewire customers and prospects to provide an overview of Guidewire's security program and answer security-related questions
What you need to be successful in this role:
- At least 5 years of experience in product security. Broad knowledge of security best practices.
- At least 5 years of commercial software and SaaS product development
- Demonstrated knowledge and experience with web security and secure development practices
- Demonstrated knowledge of secrets management, cryptography, and authentication and authorization protocols such as OAuth and SAML
- Prior experience in implementing and integrating tools for static analysis, dynamic analysis, fuzzing, and penetration testing
- Expertise in securing applications and services in public cloud models, preferably AWS
- Experience with common CI/CD and software deployment automation tools
- Ability to build strong relationships, earning the confidence and trust of senior managers and team members.
- Ability to effectively prioritize and manage multiple projects and responsibilities
- High level of self-motivation, whilst comfortable working self-sufficiently in a fast-paced business
The ideal candidate will share our core values: COLLEGIALITY, INTEGRITY, and RATIONALITY.
Collegiality - We value strong teams. We work together as professional equals. We strive to continuously improve our processes and make realistic assumptions to maintain a reasonable work-life balance. We are trusted to manage our own time. We value ideas, not titles. We welcome and consider contrary opinions.
Integrity - We insist on truthful relationships with customers, prospective customers, partners, investors, and each other in everything that we do.
Rationality - We communicate through clear arguments. We decide carefully based on factual evidence. We like calm, systematic, thoughtful solutions. We believe in testing. We never assume that we're building software the "best" way, and constantly seek to improve our processes.
Guidewire exists to deliver the industry platform that P&C insurers rely upon to adapt and succeed in a time of accelerating change—and to ensure that every customer succeeds in the journey. We provide the software, services, and partner ecosystem to enable our customers to run, differentiate, and grow their business.
Guidewire InsurancePlatform is the P&C industry platform that unifies software, services, and partner ecosystem to power our customers’ business. InsurancePlatform provides the standard upon which insurers can engage their customers, optimize their operations, drive smart decisions, and innovate quickly. We are privileged to serve more than 350 P&C insurers in 32 countries. We invest heavily in R&D to build a technology platform that combines three elements—core processing, data and analytics, and digital engagement—to enhance insurers’ ability to engage and empower their customers and employees.
Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it’s applicable to the position.