Sailpoint Technologies, Inc.

Sailpoint Technologies, Inc.

United States

Product Security Architect

Job Description

SailPoint is seeking a Product Security Architect to provide technical leadership and execution for an industry-leading Product Security program. As a provider of both SaaS and enterprise software for some the world’s most prestigious organizations, SailPoint strives for best-in-class security for its product offerings. This critical role will be responsible for performing security architecture reviews and offering consulting services as well as be a key player in designing the overall strategy of the Product Security Program at SailPoint.

The ideal candidate will be highly collaborative and customer service oriented; balancing the right level of security with business objectives and working to creatively solve complex Product Security related problems.

This is a challenging and impactful role with security responsibilities that all product offerings and can be REMOTE or based in Austin, TX.

Responsibilities:

  • Advise on the secure design of product and application architecture.
  • Perform Threat Modelling, assess and document product risks and/or application designs.
  • Participate in expanding/maturing the SailPoint S-SDLC program
  • Work with product teams and shared services to determine appropriate scanning cadence based on risk.
  • Develop and maintain checklists and working aides for secure development.
  • Design solution blueprints that meet the security needs of the system.
  • Approve security guidance and training materials provided to development teams.
  • Provides input to security risk impact assessment.
  • Approve architecture change proposals from a security perspective.
  • Conduct Third party/Alliances assessments.
  • Be a key advisor to the overall strategy and roadmap of the Product Security Program.
  • Be a part of the Product Security Incident Response Team (PSIRT) at SailPoint.

Requirements:

  • Bachelor’s degree with 12+ years of experience/Master’s degree with 8+ years of experience in IT Security
  • 6-8 years of Technical Product Security related experience around Threat Modeling and Attack Surface Analysis.
  • US Citizenship is required due to the nature of the role
  • Proven track record of solving complex Product Security issues and protecting products using a risk-based approach.
  • Extensive knowledge of the current Product Security threat landscape and industry best practices.
  • Extensive experience of performing Threat Modeling and Product Security design reviews and incorporating them as part of SSDLC processes.
  • Experience with compliance/certification frameworks such as ISO27001, SOC2, FedRAMP, SOX, GDPR from a Product Security standpoint.
  • Experience working in Agile development with experience in the following technologies:
    • Containers (Docker, Kubernetes, or similar)
    • Infrastructure as code (Vagrant, Docker, Ansible, Chef, Terraform, or similar)
    • Continuous integration (Jenkins, Bamboo, Hudson, or similar.)
    • Integration of Security testing tools into pipeline
    • Defect tracking (Jira, Bugzilla, ServiceNow, or similar.)
    • Source code management (GitLab, GitHub, BitBucket, or similar.)
    • QA Testing tools (nUnit, jUnit, Selenium, Cucumber, or similar.)
    • Application security testing tools (SAST, DAST, IAST, SCA, or similar.)
    • Various *nix distributions
    • Cloud environment (AWS, Azure, or similar)
  • Ability to innovate and find creative solutions that balance the needs of the business with the needs of security.
  • Minimal travel (
  • Certification such as CISSP, CISSP-ISSAP, CSSLP, OSCP, GSEC

About Sailpoint Technologies, Inc.

SailPoint began in 2005, when our founders set out to create a new type of company – one that promised to provide innovative solutions to business problems and an exciting, collaborative work environment for identity rock stars. Together, we’re redefining identity’s place in the security ecosystem.