Digital technology is no longer just another tool in the IT, marketing, sales or service toolbox to engage, inspire and attract customers. It is becoming the foundation of entirely new ways of doing business as well as giving rise to entirely new businesses. There could be 100 billion connected devices expected by 2025, leading towards a trillion sensor ecosystem. 1 billion digital natives are expected to join the workforce over the next 7 years. In a hyper-connected era of mobile, social, cloud, big data, and the Internet of Things, future growth will depend on platform business models.
Axway (Euronext: AXW.PA) is a catalyst for transformation. With Axway AMPLIFY™, our cloud-enabled data integration and engagement platform, leading brands better anticipate, adapt and scale to meet ever-changing customer expectations. Our unified, API-first approach connects data from anywhere, fuels millions of apps and delivers real-time analytics to build customer experience networks. From idea to execution, we help make the future possible for more than 11,000 organizations in 100 countries. To learn more about Axway, visit www.axway.com.
This position can work either from our office in Santa Clara or the corporate office in Phoenix, AZ.
The Director of the security group will be responsible to:
Manage a staff of world-class application security team members.
Motivate the team and partner teams through outstanding leadership and deep knowledge of the application security domain.
Have passion for real security and be able to positively spread this enthusiasm to partner teams.
Partner with product designers, engineers and executive functions to ensure new products and features are built securely
Drive a cohesive and defensible product security strategy that inspires the team and is easy to understand and communicate to the company
Articulate security requirements clearly and factually. Be able to demonstrate the importance of a requirement via real world examples or data while avoiding theoretical or hypothetical arguments.
Assist the product support organization to deliver optimal security outcomes for all customers
Manage customer security expectation, assist the product support organization to deliver optimal security outcomes for all customers
Provide security expertize on the RFP support and the Security Audit requirements.
Support the incident response with application security expertise, providing a balanced opinion of security vs. functionality tradeoffs.
Support application security expertize to the software and solutions architecture review processes.
Partner with multiple teams across multiple locations with varying sets of priorities to ensure a timely delivery of the secure solution
Oversee employees and vendors during penetration testing, architecture consulting and security reviews engagements
Lead internal process improvement projects, including the development and implementation of internal tools
Deliver Security training, guidelines and outreach to internal development teams
Produce meaningful metrics to demonstrate the current state of the product security program
Safeguarding Axway and Axway customer data through compliance with Axway policies and the appropriate use of Axway equipment and facilities
10+ years of relevant work experience, including hands-on technical management and coding skills, and proven ability to contribute at both strategic and operational levels
5+ years of management experience leading people in mid to large organizations
Demonstrated ability to recruit and manage technical teams, including performance management
Team player with strong interpersonal, written and verbal communication skills.
Work independently with minimal supervision and drive execution.
Hands-on experience with security testing tools, static analysis and dynamic analysis tools a plus.
Ability to work in a cross functional team environment.
Ability to lead broad audience through technical concepts.
Must be able to effectively develop and communicate information security strategies and architectures (e.g. solution architecture specifications, long range security strategies).
Must be able to translate highly technical concepts into language that is meaningful to many audiences, including software engineers, business and technical leaders and external security community members.
Must be able to explain all vulnerability classes and design weaknesses in the OWASP Top 10, WASC TCv2 and CWE 25 to any audience along with effective defensive techniques.
Technical knowledge of applied cryptography – cryptographic algorithms, security protocols, FIPS 140-2 requirements - a big plus
Experience with NIAP Common Criteria evaluation a plus
Experience with CFIUS agreement a plus.
Security certification CISSP preferred
Bachelors or Master’s Degree in Computer Science, Information Security, or equivalent work experience required.
Axway is an AA and Equal Opportunity Employer