Security & Trust Architect Remote - US / Canada

Company: GitHub

GitHub helps companies and organizations succeed by allowing them to build better, more secure software, together. 


GitHub’s Field Architecture team is looking for an experienced security and privacy-minded professional who wants to work in partnership with senior leaders at our most strategic customers, focused on accelerating and growing their success with GitHub. Field Architects are recognized as subject matter experts in their chosen field, as well as by their ability to synthesize customer experience to provide an industry lens in their interactions, both internal and external. They support a variety of diverse internal teams, including sales professionals, product management, engineering, GRC and marketing in efforts that ensure that GitHub, and our customers, are secure and successful, together. 


The ideal candidate shows a passion to not only master the security posture of GitHub’s products, but harness their own experience to ensure proper framing for our customer’s success. They will become experts in our own internal security posture and controls, and communicate that to our customers needs and requests. They will help translate our engineering controls and processes into industry standards, such as the CSA CAIQ, that our customers expect from a digital leader like GitHub. 


Field Architects represent more than GitHub, but the best that modern software practices can be. We're obsessed about our customers, and the quality of our work. If you are technically sharp and people oriented, you might be a fit for this role!

Qualifications:
GitHub Field Architecture is looking for an experienced Security Sales Enablement Analyst who has an expertise and passion to exceed our customers’ expectations and who will go the extra mile with a strong work ethic and collaboration. They also have:

Minimum Qualifications:

  • 5+ years experience across fields of Security, Audit, Compliance, and/or Risk assessment
  • 3+ years experience in a customer-facing role.
  • Demonstrable deep knowledge in two or more of these areas: security, compliance, privacy, technical audit, and or IT/vendor risk management.
  • Experience as part of a security audit team or as a risk assessor.
  • The ability to partner with and effectively communicate risk concepts to sales, legal, technical and executive staff.
  • Experience owning creation of technical customer-facing communications.
  • You have organizational, analytical, and problem-solving skills, preferably in a risk or trust & safety context
  • Broad knowledge of IT concepts, including encryption, networking, operating systems, databases, middleware, and applications ideally in a cloud environment
  • Functional knowledge of common security, legal, and regulatory requirements (e.g., NIST, FedRAMP, APRA, iRAP, PCI, SOC, GDPR, ISO/IEC 2700X, COBIT, etc.).
  • Comfortable working in a dynamic environment (global team + nature of software development)
  • Self-directed and resourceful; Experience working on a remote team in an asynchronous workflow across time zones
  • Proven commitment to quality and success

Preferred Qualifications: (Not required)

  • Exposure/Experience with GitHub, features and functionality.
  • Executive level communication skills (both written and verbal) and the ability to mentor others.
  • Significant experience with managing security audits, or experience as a security auditor or as a vCISO.
  • Creation and maintenance of vendor or third party risk management programs
  • Legal or Contract negotiation and fallback experience for software or technology agreements
  • Passionate about security and privacy and how they can enable software, technology and business
  • Deep knowledge of the Software Development Lifecycle and related tools
  • Understanding of the value of DevSecOps processes
  • Pre- and post sales customer-success and support experience
  • Bug bounty or vulnerability program management (validation, triage, remediation) experience
  • CRISC, CISA, CISM, CIPP, CISP, CCSK, or other relevant independent certification, or equivalent education.
  • Working knowledge of Cloud Security Alliance, CSA working groups, and the STAR program including the CCM and CAIQ.
  • Participation or leadership in industry groups, trade associations, other security / privacy organizations
  • Language proficiency (Japanese, Portuguese, German)
     

The Job - what you’ll be doing

  • Development and management of Security, Privacy, and Compliance content for the company's security knowledge base (serving Revenue and Support Engineering)
  • Working with customer account teams to complete security RFIs with accuracy and efficiency.
  • Be a trusted resource for GH account teams and our customers on how GitHub protects customer data (customer calls, presentations, meetups, trade association participation, etc.)
  • Advocate for security, privacy, and compliance product improvements to the security, product, IT infrastructure and software development teams through customer use cases and stories.
  • Collaborate with Security and GRC to support development and maturity of controls and continuous compliance testing, audit, and evidence through customer feedback analysis.
  • Project management of your areas of responsibility.
  • Other duties as assigned

Who We Are:

GitHub is the developer company. We make it easier for developers to be developers: to work together, to solve challenging problems, and to create the world’s most important technologies. We foster a collaborative community that can come together—as individuals and in teams—to create the future of software and make a difference in the world.

Leadership Principles:

Customer Obsessed - Trust by Default - Ship to Learn - Own the Outcome - Growth Mindset - Global Product, Global Team - Anything is Possible - Practice Kindness

Why You Should Join:

At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where many Hubbers work, snack, and create daily. The rest of our Hubbers work remotely around the globe. Check out an updated list of where we can hire here: https://github.com/about/careers/remote

We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!

Please note that benefits vary by country. If you have any questions, please don't hesitate to ask your Talent Partner.

#LI-POST

Vacancy page : https://boards.greenhouse.io/github/jobs/2585962