Engineer IV, Product Security id-6183
About the position
The College Board's Product Security team is an agile organization that embraces DevSecOps and cloud-native systems, focusing on improving the speed and security of service delivery in support of an important mission. The College Board is seeking an Engineer IV - Product Security to help drive the development of innovative and transformative security solutions in our DevSecOps and cloud transformation initiatives. This role is a highly technical and creative contributor to a cutting-edge cloud and application security team, enabling the agile development of secure and reliable cloud-based solutions through strong partnerships and interactions with our Products Teams.
As a Product Security Engineer, you will support and manage a variety of projects within the Product Security team. In this role, you will learn and introduce new security services, technologies, and technical solutions to secure our products and platforms. You will interact with various stakeholders, including product development leads, architects, Cybersecurity operations, Risk and Compliance teams, and external partners/vendors such as ETS and various SaaS providers.
Your responsibilities will include reviewing and adopting new innovative security solutions, updating existing solutions, negotiating alternative options, and participating in building technical and release roadmaps. In your capacity as an Engineer IV, you will lead and mentor junior team members, supporting their growth and development in Product Security concepts, tools, and best practices. You will act as a liaison between Product Security teams and the Information Security Office, embedding into planning and grooming sessions, and developing a deep understanding of our Security Policies and Audit requirements to support assigned Partner teams, GRC Exceptions, and Audit efforts.
You will create Risk Registers for your assigned products and communicate application risks and vulnerabilities to technical stakeholders, leading application vulnerability reviews and remediation efforts. Your role will also involve promoting and enhancing the Product Security Partners program to develop Security Champions and enable development teams to shift left, as well as supporting the implementation and operationalization of security tooling and common integrated development environments (AWS).
Other Jobs You May Be Interested In
Remote Data Entry, No Experience, $40/hr, Part-Time
Virtual Assistant, $45/hr, Remote, No Experience, Night Job
Entry-Level Remote Data Entry, $50/hr, Evening Job
Customer Support, No Degree, $40/hr, Remote, Weekend Job
Remote Phone Job, $42/hr, Part-Time, College Student Friendly
Virtual Assistant, $40/hr, Remote, No Degree, Night Job
Part-Time Data Entry, $45/hr, Remote, College Student Friendly
Remote Moderator, No Degree, $50/hr, Evening, Weekend Job
Remote Customer Support, $42/hr, Night Job, No Experience
Live Chat Support, $40/hr, Remote, Entry Level, Part-Time
Virtual Assistant, Remote, $42/hr, Weekend, No Experience
Remote Data Entry, $45/hr, No Degree, Night Shift
Part-Time Customer Support, $40/hr, Remote, College Student
Remote Live Chat, $50/hr, Part-Time, Evening/Night Job
Entry Level Phone Job, $42/hr, Remote, No Degree Required
Weekend Data Entry, $45/hr, Remote, No Experience
Remote Virtual Assistant, $40/hr, Evening, Part-Time Job
Remote Moderator, $42/hr, Part-Time, Weekend, No Degree
Data Entry, $45/hr, Remote, Night Shift, College Student Job
Phone Support, Remote, $50/hr, No Experience, Part-Time
Virtual Assistant, No Experience, $42/hr, Remote, Weekend
Remote Customer Support, $45/hr, Part-Time, College Student
Data Entry, Remote, $40/hr, Night Shift, No Degree
Evening Virtual Assistant, Remote, $45/hr, No Experience
Weekend Customer Support, $42/hr, Remote, College Student
Remote Data Entry, $50/hr, No Experience, Evening/Night Job
Remote Live Chat, $40/hr, Part-Time, No Degree Required
Virtual Assistant, $42/hr, Remote, Weekend, Entry Level
Remote Phone Support, $45/hr, Evening, No Experience Required
Data Entry, No Experience, $50/hr, Remote, College Student
Remote Moderator, $40/hr, Weekend, No Degree, Part-Time
Live Chat Support, Remote, $42/hr, Night Shift, College Student
Phone Job, $50/hr, Remote, No Degree, Part-Time, Weekend
Data Entry, $45/hr, Remote, Evening, No Experience Required
Virtual Assistant, No Experience, $42/hr, Remote, Part-Time
Remote Customer Support, $50/hr, Night Shift, No Degree
Remote Data Entry, $40/hr, College Student Friendly, Part-Time
Live Chat Support, $42/hr, Weekend, Remote, No Degree
Virtual Assistant, Remote, $45/hr, Evening, No Experience
Remote Phone Job, $50/hr, College Student, Night Shift
Remote Moderator, $42/hr, Weekend, No Experience Required
Data Entry, No Degree, $45/hr, Part-Time, Remote Job
Customer Support, $50/hr, Remote, Evening/Night Job, No Degree
Virtual Assistant, $42/hr, Remote, Weekend, No Degree
Remote Live Chat, $45/hr, College Student, No Experience
Remote Data Entry, $40/hr, Part-Time, No Degree Required
Phone Support, $50/hr, Weekend, Remote, No Experience
Virtual Assistant, $42/hr, Evening, Remote, No Degree
Remote Customer Support, $45/hr, No Experience, Part-Time
Data Entry, $50/hr, Night Job, No Degree, Remote
Remote Moderator, $40/hr, College Student Friendly, Part-Time
Virtual Assistant, Remote, $42/hr, Weekend, No Experience
Remote Phone Job, $45/hr, Part-Time, No Degree Required
Customer Support, $50/hr, Night Job, Remote, No Experience
Data Entry, Remote, $42/hr, Evening Job, No Degree
Live Chat Support, $45/hr, Weekend, Remote, College Student
Virtual Assistant, Remote, $50/hr, Part-Time, Night Shift
Data Entry, $40/hr, No Experience, Remote, Weekend Job
Remote Phone Job, $45/hr, No Degree, College Student Friendly
Customer Support, $42/hr, Remote, Evening, No Experience
Virtual Assistant, $50/hr, Weekend, No Degree, Remote
Remote Data Entry, $40/hr, Part-Time, College Student Job
Phone Support, Remote, $42/hr, Evening/Night Shift
Virtual Assistant, No Degree, $45/hr, Remote, Part-Time
Live Chat Support, $50/hr, Remote, No Experience Required
Remote Moderator, $42/hr, College Student, Weekend Job
Data Entry, $45/hr, Remote, Night Job, No Degree
Virtual Assistant, $50/hr, Remote, Part-Time, Evening Job
Remote Customer Support, $42/hr, Weekend, No Experience
Phone Job, $45/hr, Remote, Night Shift, No Degree
Remote Live Chat, $50/hr, College Student, No Experience
Data Entry, $40/hr, Part-Time, Remote, Weekend Job
Virtual Assistant, $42/hr, Remote, No Experience, Evening
Remote Phone Support, $45/hr, Night Job, College Student
Remote Moderator, $50/hr, No Degree, Weekend, Part-Time
Virtual Assistant, $40/hr, Remote, Night Shift, No Experience
Customer Support, $42/hr, Remote, Part-Time, No Degree
Remote Data Entry, $45/hr, Weekend Job, College Student
Phone Support, Remote, $50/hr, No Experience, Night Shift
Virtual Assistant, $42/hr, Evening, Remote, College Student
Live Chat Support, $45/hr, Part-Time, Remote, No Degree
Data Entry, $50/hr, Remote, Evening Job, College Student
Virtual Assistant, $40/hr, Weekend, Remote, No Experience
Remote Phone Job, $42/hr, Night Shift, College Student Friendly
Remote Customer Support, $45/hr, No Degree, Evening Job
Virtual Assistant, $50/hr, Part-Time, Remote, Weekend Job
Data Entry, $40/hr, Evening Job, No Experience, Remote
Remote Live Chat, $42/hr, Weekend, No Degree, Part-Time
Virtual Assistant, $45/hr, No Experience, Remote, Night Job
Phone Job, $50/hr, Remote, Part-Time, College Student
Remote Data Entry, $42/hr, Evening/Night Job, No Experience
Remote Moderator, $45/hr, No Degree, Weekend Job, Part-Time
Live Chat Support, $50/hr, Remote, Night Shift, No Degree
Virtual Assistant, $40/hr, Weekend, College Student, Remote
Remote Phone Job, $42/hr, Part-Time, No Experience Required
Remote Data Entry, $45/hr, No Degree, Weekend, Night Job
Virtual Assistant, $50/hr, Evening, Remote, College Student
Customer Support, $42/hr, Weekend Job, Remote, No Degree
Phone Support, $45/hr, Remote, No Experience, Evening Job
Data Entry, $50/hr, Night Shift, No Degree, Remote Job
Responsibilities
- Act as a liaison between Product Security teams and the Information Security Office via regular engagements with assigned Partner teams.
- Embed into planning and grooming sessions to develop a deep understanding of Security Policies and Audit requirements.
- Create Risk Registers for assigned products and communicate application risks and vulnerabilities to technical stakeholders.
- Lead application vulnerability reviews and remediation efforts.
- Develop deep skill sets in understanding, managing, and determining exploitability of vulnerabilities.
- Partner with Senior Team members to mentor developers through discussions, presentations, or hands-on training sessions.
- Ensure all assigned products and applications adhere to the Product Security Framework requirements and work to remediate any gaps.
- Promote, grow, and enhance the Product Security Partners program to develop Security Champions.
- Develop and deliver guidance and training sessions to grow Product Team's Secure Development LifeCycle skills and awareness.
- Support implementing and operationalizing security tooling and common integrated development environments (AWS).
- Develop hands-on expertise with CI/CD and build pipelines with an understanding of quality and security gates.
- Evaluate and promote new and existing security standards, tools, and solutions with a focus on automation.
Requirements
- 3-5 years of progressively responsible, directly related experience.
- Hands-on knowledge of secure development practices, Secure Development LifeCycle, and DevSecOps.
- Understanding of key programming/scripting languages and secure best practices (Java, node.js, Python, React, JavaScript, etc.).
- Experience with key Development tools/systems (Artifact Management, Version Control, Work Tracking, Secrets Management, NPM, Build and Deployment Tools, etc.).
- Knowledge of common vulnerabilities (OWASP/SANS) such as cross-site scripting (XSS), session hijacking, SQL injection, CSRF, and OWASP Top 10.
- Familiarity with common frameworks spanning frontend and backend (Angular, Bootstrap, Node, Struts, Spring, ASP.NET MVC, etc.) and with AWS Services and AWS cloud architecture security.
- Experience with RESTful web services and APIs.
- Ability to travel when required.
Nice-to-haves
- Experience with security tooling and automation in CI/CD environments.
- Familiarity with cloud security best practices and frameworks.
- Knowledge of compliance standards such as PCI, SOC2, ISO27001, and GDPR.
Benefits
- Health insurance
- Dental insurance
- Vision insurance
- Generous paid time off
- Paid parental leave
- Fertility benefits
- Pet insurance
- Tuition assistance
- Retirement benefits
- Annual bonuses
- Salary growth opportunities
- Merit raises and promotions based on increased scope of responsibility.
