Security engineering manager

Search JobsJob DescriptionThe Elevator Pitch: Why will you enjoy this new opportunity?The world is changing fast, and the security engineering space is changing even faster! Corporations, governments, schools, hospitals are in desperate need for digital transformation at a rapid space. VMware is driving this transformation for 350,000 customers (which includes 98% of Fortune 500). You won’t find another company that offers the breadth of innovative technology. Now imagine the opportunity to work on securing the products and services which VMware creates on cutting edge technologies. You would be exposed to the broad technology stack which you can break / hack into and help secure. This opportunity provides an endless possibility to learn, grow and flourish as a product security engineer.This product security engineering manager role is part of the SCOPE organisation, which expands to Security, Compliance, and Privacy Engineering. As part of this role in product security, you will be responsible ensuring the team is identifying security design flaws and vulnerabilities, and offering potential remediation recommendations. Also, you will have the opportunity to collaborate with, but not limited to, security architects, development teams across VMware, and other security engineers in the team, who work on various areas such as, virtualisation, software-defined networking, cloud security, and Kubernetes.  If you have the drive to work on securing the next big thing, we would love to talk!  Success in the Role: What are the performance outcomes over the first 6-12 months you will work toward completing?The following is a schedule for the first year of joining: Within 1 month of employment, learn the product/SaaS offering which you will help secure, the technology stack which they use, become familiar with the attack vectors in the related domain, and get accustomed to the code base, recent externally reported vulnerabilities, release cycles etc.During your first two months on the job, you will work on understanding the product architecture, existing product development tools and release process. You are expected to gain knowledge in the domain and the technology your team is already using and participate in the team’s scope and prioritisation discussions.By the sixth month we expect you to be in full control of the deliverables of your team. You work with your peer managers to build the work backlog, scope the projects working with your team members, make sure that they are delivered on-time and with the expected quality.You will have to establish a reputation of leadership within a team and demonstrate influence within their area of expertise.You will have to collaboratively work across other product and component teams.You assume the people management responsibilities of a team of highly skilled security engineers.You create career plans with each team member that captures where they are, where they want to go, and the tangible steps that will help them address any gaps in their current skills and experience. Your team is healthy as determined by key metrics of engagement, retention, work/life balance, and delivery.You will have to be a subject matter expert with deep expertise in securing the products.You will have to handle the interactions with development teams, cross-functional teams, and other groups, internal and external to VMware, to ensure VMware products are secure.The Work: What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?As a product security engineering manager, you will: Manage and lead a highly skilled security engineering team and drive the secure design, implementation, and delivery.Take ownership of improvement of security state of the products.Communicate on regular basis with development teams. As part of this team, you will work closely with response team to get continuous input from the field on security state of the products to plan security assessment from the team.Perform analysis of complex tasks or situations that required in-depth evaluation. Connect your team’s work to other parts of the security process and response. Bringing clarity where there is uncertainty, managing risk and continuously delivering value.Train and mentor junior engineers by providing technical guidance and direction.Take initiatives and identify new areas of improvement for products, tools, and process.Manage activities to meet delivery dates and milestones and communicate status and risks to Engineering leads and project team.You will implement and improve processes around SDL, RCCA and Variant analysis.You should be doing regular 1:1 with your direct reports, discussing short term and long-term goals making sure your engineers have the direction needed to be successful. Coach engineers and sustainably grow individuals on your team.As a people manager you will also be responsible for compensation and bonus planning and hiringYou will be responsible for daily engineering activities such as stand-ups, sprint planning, backlog grooming, security reviews, release readiness.Championing a culture of high ownership, continuous improvement, and engineering excellenceBasic qualifications:• Penetration testing skills in Web, System, Container, Mobile, Network, and Cloud based technologies• Secure design reviews and threat modelling• Familiarity with SAST and DAST tools• Manual secure code review (not limiting to): Java, C/C++, C#, JavaScript, Go, Python• Experience with coding/scripting in one or more of the following (not limiting to): Python, Ruby• Vulnerability assessment What is the leadership like for this role? What is the structure and culture of the team like?vSECR, which is part of SCOPE is headed by Manish Gaur, who is the Sr. Director based out of U.S.reporting to Manish is based out of India, U.S, and Ireland. As part of this role, you will be joining the US team, which is headed by Madhusudan H.N in Bangalore, India. Theleadership encourages independent thinking and gives a free hand to innovate.The team is distributed across the globe, in India, U.S, and Europe. We have a diverse, inclusive and open culture in the team. We encourage continuous learning, sharing of ideasand thoughts, and growing together as a team. The team consists of majorly security engineers with experience ranging from less than a year to more than 10 years. We also have a good presence of technical product managers, full stack developers, and security architects. The team is built on trust and empathy, and we celebrate each other’s successes.   Where is the role located?Either of the following can be opted.Flexible: The location of this role is flexible within India. Work will be done from an office some days during a week and other days from a non-VMware building.Remote: This role is fully remote and can be done anywhere in India. What are the benefits and perks of working at VMware?You and your loved ones will be supported with a competitive and comprehensive benefits package. Below are some highlights.• Medical Coverage, Retirement, and Parental Leave Plans for All Family Types• Generous Time Off Programs• 40 hours of paid time to volunteer in your community • Financial contributions to your personal/career development (conference participation, trainings, course work, certifications etc.)• Wellness reimbursement and online fitness and wellbeing classesVMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. VMware will provide reasonable accommodation to employees who have protected disabilities consistent with local law. ​Search Jobs