Chief Product Security Architect

US-CA-Irvine | US-CA-Carlsbad
Job ID
2017-1932
# of Openings
1
Category
Information Technology

Overview

Based in beautiful Irvine, CA, we are CalAmp, the pure-play pioneering leader of the Connected Car, Connected Truck and broader Internet of Things (IoT) marketplace. Currently, we are seeking a Sr. Product Security Director with 7 years of experience. This is an excellent opportunity for those who wish to work for a stable, well-established company that builds transformational technologies within the revolutionary domain of IoT.

 

We will also consider exceptional candidates in the Carlsbad, CA area in addition to Irvine, CA.

 

We believe that people are our greatest asset and we are committed to being an employer of choice in our industry. CalAmp offers an engaging and diverse work environment that permits our people to take pride in their contributions and share in the company’s success. Our employees can expect the space to showcase their talent, sharpen their skills, develop new capabilities, and be a part of a global team that develops revolutionary technologies. We proudly offer the stability and security of a large publicly-traded tech company without the rigidity and red tape.

 

In particular, we offer:

  • Meaningful work with the potential to disrupt an entire industry
  • Visionary leadership
  • Excellent compensation packages
  • An extensive suite of medical and retirement benefits including a 401k with match
  • Flexible time off policy and accommodating work schedules
  • Education Assistance Program (Tuition Reimbursement)
  • Access to cutting-edge tools and technologies
  • Innovative, intelligent, collaborative teammates

Responsibilities

  • Responsible for organizing, implementing, and managing CalAmp's secure telematics program
  • Apply subject matter expertise to security governance, risk, and compliance consulting to development and operations teams throughout the telematics products and services lifecycles
  • Provide liaison services as the point of contact for external stakeholders in solutions security (e.g., current and prospective customers, auditors, industry consortia, etc.) 
  • Work across internal teams to implement program initiatives 
  • Maintain products to be compliance with corporate Information Security Policy; organize and track audit evidence and security policy updates across the company 
  • Plan, partner, execute, and manage security initiatives for existing and new telematics solutions including technical risk assessment, threat models, risk reduction programs, and secure architectures
  • Conduct product security architecture reviews, security control audits, product vulnerability assessments, and 3rd party security reviews in support of customer security requirements, across the solutions portfolio
  • Provide SME consulting in all phases of pertinent security accreditation processes
  • Lead and review investigations of alleged product breaches and incidents, including impact analysis and design recommendations for eliminating identified vulnerabilities 
  • Support the sales team with knowledge and resources on corporate security practices: answer questionnaires, review contracts, and attend calls with current and prospective customers

Qualifications


Must Haves

  • Prior experience in secured solutions lifecycles from design through decommissioning
  • Well-organized and ability to orchestrate concurrent projects 
  • Prior experience in customer-directed audit and compliance certifications with ability to set and manage customer expectations 
  • Excellent communications skills that are clear, professional, and applicable in CIO/CISO-level presentations and discussions 
  • Self-directed, requiring minimal oversight to achieve program objectives 
  • An engineering-oriented approach for efficiency and accuracy in project execution
  • Able to lead diverse teams to understanding and achievement; able to propose and influence security development within hardware and software design teams
  • Knowledge of embedded systems security architecture such as: system software authorization for firmware and configuration downloads, file encryption and data protection, code signing, runtime process security, etc.
  • A service-oriented, "teach, don't preach" approach in dealing with internal customers

Strong Pluses

  • Some background in embedded systems hardware/software product engineering and development with increasing emphasis on hardware/software product security


    If you are a talented Product Security Architect with senior leadership experience and interested in the Internet of Things domain, we want to speak with you. Interviews are occurring immediately so apply now if interested.

 

#LI-NR1

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed