Product Security and Privacy Architect

ASSA ABLOY


Job Location:

Austin, TX - USA

Monthly Salary: $140000 - 160000
Posted on: 10 hours ago
Vacancies: 1 Vacancy

Job Summary

An Amazing Career Opportunity for a Product Security and Privacy Architect!!

Location: Remote (US)

Job ID: 47563

As part of the Product Security and Privacy team, reporting to the Chief Product Security & Privacy Architect, you will support product teams in adopting and implementing HID's security and privacy program.

Accountable for the quality, consistency and defensibility of all security & privacy related artifacts, you guarantee that outputs are audit-ready and not just done.

You will have opportunities to work on a very wide portfolio of applications based on different technologies (Web, Embedded, Mobile, Desktop) within a very diverse and international context covering all five HID Business Areas.

Who are we

HID powers the trusted identities of the world's people, places and things, allowing people to transact safely, work productively and travel freely.

We are a high-tech software company headquartered in Austin, TX, with over 4500 worldwide employees. Check us out here: and our Product Security and Privacy Architect you'll support HID's success by:

  • Leading day-to-day security/privacy architecture governance, escalating and obtaining approval from the Chief Product Security & Privacy Architect as required.
  • Defining corporate-wide security and privacy requirements, controls and standards.
  • Defining corporate-wide Secure Coding third-party deployment policies & other architecture-related standards.
  • Defining required training content.
  • Defining paved roads/security and privacy-by-design patterns and libraries.
  • Leading development of AI-enabled PSP Architecture capabilities: define use cases, requirements and success criteria.
  • Owning the threat modeling framework and quality bars.
  • Running/approving security & privacy architecture reviews.
  • Leading audit/assessment planning evidence of expectations and defensibility.
  • Being responsible for tooling selection and integration related to the security & privacy architecture domain.
  • Architecting compliance, analyzing new regulations and standards to identify gaps in the platform's capabilities, standards and controls.
  • Assessing New Acquisitions Architecture and contributing to due diligence on an as-needed basis.
  • Providing recommendations for risk acceptance and exception requests.
  • Providing input on tooling strategy and integration guidance for non-architecture related domains.
  • Providing guidance on security requirements for supply chain tooling, pipeline architecture and associated standards.
  • Validating that platform architecture enables enforcement of PSP security controls.
  • Providing expert input on exploitability, attack paths and mitigation options during the Incident handling process.
  • Providing guidance on true risk vs noise for security tool outputs and penetration tests.
  • Providing subject-matter depth during training delivery: advanced Q&A, edge cases. Offer office hours or follow-ups for complex topics.

Your Experience and Background include:

  • Master's Degree in computer science or similar qualifications.
  • At least 3 years in software/product security, application security or security architecture.
  • At least 7 years of hands-on software engineering / QA / DevOps earlier in career (or equivalent).
  • At least one security or privacy certification (CISSP, CIPT, CSSLP, CEH ...) is a plus.
  • Proven ownership of at least one of: threat modeling program, secure design review governance, audit evidence management, security tooling strategy, penetration testing program or similar.
  • Experience contributing to at least one Secure Software Development Lifecycle (SSDL) program, either as a security architect, security champion or similar role.
  • Working knowledge of general principles of application security.
  • Working knowledge of threat modeling principles.
  • Working knowledge of security standards (OWASP, ISO, NIST ...).
  • Knowledge of security regulations such as the Radio Equipment Directive (RED), Cyber Resilience Act (CRA), Federal Information Processing Standards (FIPS) and Common Criteria (CC) or equivalent.
  • Good understanding of cryptographic principles, including algorithms, key management and protocols.
  • Experience using security tools (SAST, DAST, SCA, Vulnerability Scanners, Secret Scanners).
  • Hands-on experience in at least one, preferably more, of these application domains:
    • Embedded device Security
    • Mobile security
    • Web & API security
    • Desktop security
  • Experience with Agile/SAFe Methodology is preferred.
  • Experience with usage of AI tools in the context of a security program is preferred.
  • Cloud infrastructure, Supply Chain and deployment Security is preferred.

What we can offer you:

  • Competitive salary and rewards package
  • Competitive benefits and annual leave offering allowing for work-life balance
  • A vibrant, welcoming & inclusive culture
  • Extensive career development opportunities and resources to maximize your potential
  • To be a part of a global organization that is pioneering the hardware, software and services that allow people to confidently navigate the physical and digital worlds

Why apply

  • Empowerment: You'll work as part of a global team in a flexible work environment, learning and enhancing your expertise. We welcome an opportunity to meet you and learn about your unique talents, skills and experiences. You don't need to check all the you have most of the skills and experience we want you to apply.
  • Innovation: You embrace challenges and want to drive change. We are open to ideas, including flexible work arrangements, job sharing or part-time job seekers.
  • Integrity: You are results-orientated, reliable and straightforward, and value being treated accordingly. We want all our employees to be themselves, to feel appreciated and accepted.

The wage range for this role considers a broad scope of factors that are considered when making compensation decisions, including but not limited to: skill sets, experience and training, licensure and certifications, and other business and organizational needs. The disclosed range does not account for geographic differentials based on the location where the position may be filled. At HID, it is uncommon for individuals to be hired at or near the top of the range. Final compensation decisions depend on the specific facts and circumstances of each case.

The base salary in the United States is $140000 to $160000.

This opportunity may be open to flexible working arrangements.

HID does not accept unsolicited resumes from headhunters, recruitment agencies or fee-based recruitment services. We are not responsible for any fees related to unsolicited resumes.

HID is committed to building a diverse, equitable and inclusive workforce that reflects the global communities we serve. As an equal opportunity employer, we welcome applications from individuals of all backgrounds, experiences and perspectives. We evaluate applicants without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, disability, age, veteran status or any other legally protected characteristic. Our goal is to create a workplace that empowers everyone to thrive and be their authentic selves, fostering an environment of mutual respect and inclusivity. If you have a disability and require assistance or accommodation to participate in the application process or to perform essential job functions, please contact .

Please be aware that our recruitment process may include the use of AI-powered tools to assist in screening applicant resumes. These tools help us efficiently identify candidates whose qualifications and skills align with the job description. We use AI in a responsible manner and in accordance with applicable data privacy laws and regulations. Importantly, all applicants are reviewed by our Talent Acquisition team. AI is used to support, not replace, human judgment in the evaluation process.

We make it easier for people to get where they want to go!
On an average day, think of how many times you tap, twist, tag, push or swipe to get access, find information, connect with others or track something. HID technology is behind billions of interactions in more than 100 countries. We help you create a verified, trusted identity that can get you where you need to go without having to think about it.

When you join our HID team, you'll also be part of the ASSA ABLOY Group, the global leader in access solutions. You'll have 63000 colleagues in more than 70 different countries. We empower our people to build their career around their aspirations and our ambitions, supporting them with regular feedback, training and development opportunities. Our colleagues think broadly about where they can make the most impact, and we encourage them to grow their role locally, regionally or even internationally. As we welcome new people on board, it's important to us to have diverse, inclusive teams, and we value different perspectives and experiences.


Required Experience:

Staff IC

About Company

Let’s create a safer and more open world – together! ASSA ABLOY is the global leader in access solutions with sales of 11.4 billion euros and 52,000 employees. The Group has operations in over 70 countries and sales worldwide. ASSA ABLOY’s innovations enable safe, secure and convenie ...