• Strong Security Expertise: A deep understanding of software security, including familiarity with common vulnerabilities, threat vectors, and best practices
• SaaS Security Knowledge: Specific knowledge of security challenges and solutions in the SaaS environment, including authentication, authorization, data encryption, and secure communication
• Security Frameworks and Tools: Knowledge of security tools, frameworks, and methodologies such as OWASP, NIST, CIS, and relevant security-related software and services to effectively protect Snyk's systems & services
• Cloud Security: Familiarity with cloud security concepts, including secure configuration, identity and access management, and data protection in cloud environments like AWS, Azure, or GCP
• Communication and Collaboration: Excellent communication and collaboration skills to work closely with cross-functional teams, articulate security risks, and promote a security-conscious culture throughout the organization
• Incident Response and Risk Management: Proficiency in developing and implementing incident response plans, risk assessments, and security policies to effectively mitigate threats and manage security incidents
• Compliance Knowledge: Understanding of relevant industry and regulatory compliance standards (e.g., GDPR, HIPAA, SOC 2) to ensure Snyk's products and services can meet legal and industry-specific security requirements
• Continuous Learning: The ability to stay up-to-date with emerging security threats and trends through continuous learning, certifications, and participation in the security community
• Problem-Solving Skills: Strong analytical and problem-solving capabilities to assess complex security issues and propose effective solutions
• Leadership and Project Management: The ability to lead security initiatives, manage projects, and coordinate with stakeholders to ensure the successful implementation of security measures
• Ethical Hacking and Penetration Testing: Knowledge of ethical hacking techniques and penetration testing to identify vulnerabilities and assess the effectiveness of security controls
• Critical Thinking: A capacity for critical thinking and an ability to assess the broader impact of security decisions on the organization
• Documentation Skills: You are the best at documenting security policies, procedures, and guidelines to ensure consistency and compliance across the organization
• Magnanimous: Be a magnet for those wanting to learn and grow their maturity in security and architecture. You should be the most approachable person in the company

Desirable

• This role will report directly to the Chief Information Security Officer
• Providing technical leadership to help devise & refine security strategies for Snyk, ensuring that they align with the evolving threat landscape and industry best practices
• Taking ownership of security design and strategy for the broader organization and ensure alignment to overarching business goals
• Continuously assessing security risks within our development and operational processes, identifying vulnerabilities and proactively guide the teams towards mitigating them to safeguard our products and customer data
• Establishing technical architecture principles; host and conduct in-depth architecture reviews of systems to ensure they meet stringent security standards and requirements, and recommend enhancements where necessary
• Ensuring Snyk stay current with the latest security tools and technologies, evaluating their applicability and integrating them into our security processes to enhance our security posture
• Collaborating cross-functionally with teams, including developers, engineers, product managers, business leaders, executives, and customers fostering a security-aware culture within and outside of the Snyk
• Engaging with senior leadership in the company to drive security initiatives forward as they align with our business goals