Senior Manager, PSIRT

Your Career 

Palo Alto Networks Information Security team is looking for a Senior Manager to lead the Product Security Incident Response Team. The PSIRTs mission is to manage and respond to security vulnerabilities and incidents affecting Palo Alto Networks products and services.

As a Senior Manager youll lead strategic planning and execution of incident response activities including vulnerability triage investigation mitigation and communication. Interpersonal communication will be key to your success in aligning the PSIRTs work with stakeholder needs. Securing our products against known and anticipated threats is a mission-critical outcome for the company. Your intention must be to effectively persuade convince or influence all relevant stakeholders to achieve this desired outcome. Youll need to empower and maintain high morale across your team. Preserving the inclusive culture must be the crux of your organizational development strategy.

Your Impact

• Lead a team to respond to new security vulnerabilities in products and cloud offerings as reported via bug bounty programs and external security researchers.
• Oversee root-cause analysis of product vulnerabilities ensuring complete remediation by collaborating with product teams on solution development and review.
• Act as the senior product security subject-matter expert engaging with diverse stakeholders including executives engineering infosec privacy legal support sales customers security researchers and industry partners.
• Engage directly with a diverse customer base including enterprises of all sizes and government organizations to transparently communicate our vulnerability remediation strategies and reinforce trust in our product security.
• Foster a growth mindset within the team encouraging continuous learning about the latest cybersecurity trends.
• Drive cross-functional partnerships to evolve security testing methodologies and frameworks to enhance vulnerability detection efficiency.
• Mentor and guide team members in advanced security analysis techniques and tool usage.
• Present findings and recommendations to senior management highlighting key risks and mitigation strategies.
• Track and report on vulnerability remediation progress ensuring timely closure of security gaps.
• Collaborate with incident response teams to analyze and address security breaches and incidents.
• Stay up-to-date with industry standards and regulations related to product security ensuring compliance.
• Participate in industry conferences and workshops to expand knowledge and network with other security professionals.

Qualifications :

Your Experience

• Minimum 5 years experience in security leadership specifically managing Product Security Incident Response Team (PSIRT) operations.
• Expert level experience in vulnerability analysis remediation techniques and coordinating disclosures related to product security incidents.
• Demonstrated understanding of common vulnerability scoring systems (CVSS) public vulnerability databases and responsible disclosure practices.
• Strong executive communication skills both spoken and written with the ability to present vulnerability assessments incident reports and recommendations to senior management and external stakeholders.
• Proven experience engaging with organizations and standards crucial for effective vulnerability handling including CVE Numbering Authority (CNA) National Institute of Standards and Technology (NIST) Forum of Incident Response and Security Teams (FIRST) ISO/IEC 29147 ISO/IEC 30111 and Open Source Software Security Foundation (OpenSSF) along with familiarity with industry-specific regulations for vulnerability disclosure and handling.
• Proven people management and leadership experience in building and leading a PSIRT with a focus on training mentoring and developing incident response capabilities.
• Ability to manage and prioritize multiple security incidents in a fast-paced and dynamic environment adhering to established SLAs.
• Experience engaging with security researchers customers and other external parties during vulnerability disclosure and incident response processes.
• BS or MS Degree in Engineering or Computer Science related to computer security application security information security network security or cryptography with a strong focus on incident response.

Education

• BS or MS Degree in Engineering or Computer Science related to computer security application security information security network security or cryptography or equivalent military experience required

Additional Information :

The Team

Think about it security for an information security company. Working at a high-tech cybersecurity company within the product Security team is a once in a lifetime opportunity. Youll be joined with the brightest minds in technology our global teams on the front line of defense against cyberattacks. Were joined by one mission but driven by the impact of that mission and what it means to protect our way of life in the digital age. Join a dynamic and fast-paced team that feels excitement at the prospect of a challenge and feels a thrill at resolving security gaps that inhibit our privacy.

Compensation Disclosure

The compensation offered for this position will depend on qualifications experience and work location. For candidates who receive an offer at the posted level the starting base salary (for non-sales roles) or base salary commission target (for sales/commissioned roles) is expected to be between $162000/yr - $263000/yr. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.

#LI-NP1

Our Commitment

Were problem solvers that take risks and challenge cybersecuritys status quo. Its simple: we cant accomplish our mission without diverse teams innovating together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need please contact us at  .

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace and all qualified applicants will receive consideration for employment without regard to age ancestry color family or medical care leave gender identity or expression genetic information marital status medical condition national origin physical or mental disability political affiliation protected veteran status race religion sex (including pregnancy) sexual orientation or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

Remote Work :

No

Employment Type :

Full-time