PSIRT Security Incident Manager - Santa Clara, United States - Pure Storage

Posted by: Mark Lane, beBee recruiter


Description

Company Overview:

BE PART OF BUILDING THE FUTURE.
What do NASA and emerging space companies have in common with COVID vaccine R&D teams or with Roblox and the Metaverse?


The answer is data: all fast-moving, fast-growing industries rely on data for a competitive edge.

And the most advanced companies are realizing the full data advantage by partnering with Pure Storage.

Pure's vision is to redefine the storage experience and empower innovators by simplifying how people consume and interact with data.

With 11,000+ customers including 58% of the Fortune 500, we've only scratched the surface of our ambitions.

Pure is blazing trails and setting records:

  • For ten straight years, Gartner has named Pure a leader in the Magic Quadrant
  • Our customer-first culture and unwavering commitment to innovation have earned us a certified Net Promoter Score that is the highest in the industry
  • Industry analysts and press applaud Pure's leadership across these dimensions
  • And, our 6,000+ employees are emboldened to make Pure a faster, stronger, smarter company as we go


If you, like us, say "bring it on" to exciting challenges that change the world, we have endless opportunities where you can make your mark.


Position Overview:


The Pure Storage PSIRT Security Incident Manager is responsible for scoring and re-scoring security vulnerabilities, working closely with security engineering to identify final attribution for fix/risk mitigation of security vulnerabilities, and working cross-functionally across teams to document and publish security advisories as required.


As a senior role within CX, a PSIRT Security Incident Manager will also lead company-wide efforts in conjunction with other CX, Engineering, Legal, PR, and Sales resources to coordinate Pure's response to industry-wide security vulnerabilities.


Responsibilities:


  • Act as the customer advocate in managing security risks, ensuring issues are prioritized and remediated at an appropriate velocity, and escalate to senior leadership as needed
  • Lead security initiatives and serve as the central point of contact for Pure Storage Engineering, QA, and Product Management to own coordination of actions associated with internally and externally identified vulnerabilities
  • Collaborate with Product Engineering to prioritize resolution to security vulnerability exploits; program manage Product Security Vulnerability fix and integration (release roadmap and communications); document/publish internal/external messaging to communicate the status of fix/integration details to Pure Executive leadership (E-staff)
  • Communicate quickly and effectively with engineers, various stakeholders, and customers about security issues as well as author technical documentation on security issues (i.e. mitigations and fixes) in a clear and easy-to-understand manner
  • Drive post-mortems and lessons learned on all systemic security incidents/vulnerabilities, which may include a full follow-through, documentation, and implementation of all associated corrective actions
  • Execute work against long-term goals and initiatives to support Pure Storage's overall security posture and roadmap

Qualifications:

  • 7+ years of Critical Incident Management experience with the ability to work in a highly matrixed environment
  • Bachelor's degree required; equivalent experience considered
  • Able to multitask, influence, negotiate, and delegate with a strong sense of urgency and accountability
  • Manage crisis situations outside of normal working hours as needed
  • Dedication to understanding cause and effect: ability to unravel complicated problem statements and work with cross-functional teams to determine required areas of improvement

  • Ability to create policies and processes where they do not exist, develop and implement governance where required, and bring order where there is complexity and uncertainty.
  • Adapt to change and effectively organize work according to business priorities

Technical Skills:


  • Specific technical and business problem knowledge in one or more of the following areas:
  • Vendor ecosystem knowledge
  • Enterprise Cyber Risk Management
  • Security Strategy and Governance
  • Regulatory Compliance services (FCA, PRA, GDPR)
  • Security Framework (NIST, ISO27001, Cyber Essentials, etc.)
  • Threat Intelligence Services
  • Certifications: hold an industry-recognized certification such as CISM, CISSP, CRISC, or equivalent

Pay Range:
USD $172, USD $259,000.00 /Yr


Pay Transparency Statement:
This role may be eligible for incentive pay and/or equity.

BE YOU—CORPORATE CLONES NEED NOT APPLY:
Pure is where you ask big questions, think differently, and make an impact. This is not just a job, but a place where you have a voice and can accelerate your career.

We value unique thoughts and celebrate individuality, and with ample opportunity to learn, develop yourself, and expand into different roles, joining Pure is an investment in your career journey.

Through o
