Senior Manager of Product Security, Smarsh

$225-275k

AWS
Docker
Kubernetes
GCP
Azure
Expert level
San Francisco Bay Area

3 days a week in office (Pleasanton, CA)

Smarsh

Cloud-based archiving and compliance solutions

Be an early applicant

Smarsh

Cloud-based archiving and compliance solutions

1001+ employees

B2BEnterpriseComplianceLegalCommunicationSaaSCyber Security

Be an early applicant

$225-275k

AWS
Docker
Kubernetes
GCP
Azure
Expert level
San Francisco Bay Area

3 days a week in office (Pleasanton, CA)

1001+ employees

B2BEnterpriseComplianceLegalCommunicationSaaSCyber Security

Company mission

To enable customers to take advantage of the latest communication and collaboration tools, while staying ahead of compliance risk.

Job

Company

Role

Who you are

  • Education: A degree in Computer Science, Cybersecurity, Information Technology, or a related field
  • Certifications: Relevant cybersecurity certifications such as CISSP, CISM, CEH, or equivalent preferred
  • Experience in Cybersecurity: 10-15 years of experience in cybersecurity or related fields
  • Product Security Experience: At least 5 years of specific experience in product security, ideally in FinTech related roles
  • Leadership: Proven leadership skills with a minimum of 3-5 years in a managerial role, overseeing cybersecurity teams or projects
  • Technical Skills:
  • In-depth knowledge of cybersecurity principles, secure coding, vulnerability management and risk assessment
  • Proficiency in modern cloud technologies (AWS, Azure, GCP), containerization (Docker), and orchestration (Kubernetes)
  • Strong understanding of serverless computing, API security, OS hardening, SDLC and network security
  • Analytical Skills: Strong ability to analyze and mitigate security risks and vulnerabilities
  • Collaboration: Effective collaboration skills to work with cross-functional teams
  • Continuous Learning: Commitment to staying updated with the latest security trends and technologies

What the job involves

  • The Manager, Product Security leads a team dedicated to embedding security within products
  • This role involves partnering with the Product Owner, Technical Product Owner, and Engineering Lead to advocate for and influence security measures within product development
  • The primary objective is to ensure that products are secure by design and compliant with security standards and regulations
  • Risk Management:
  • Conduct comprehensive threat modelling to identify potential threats and vulnerabilities
  • Perform detailed risk assessments to evaluate the impact and likelihood of risks
  • Security by Design:
  • Develop and implement secure design principles and practices
  • Ensure secure coding practices are followed by the development teams
  • Vulnerability Management:
  • Lead regular security testing, including static and dynamic analysis and penetration testing
  • Evaluate and prioritize vulnerability fixes based on risk and impact
  • Identify and eliminate false positives to streamline remediation efforts
  • Compliance and Regulatory Adherence:
  • Ensure products comply with relevant security standards and regulations
  • Maintain and update documentation and evidence of compliance
  • Support internal and external audit processes for the product
  • Incident Response:
  • Develop and maintain product-specific incident response plans
  • Provide expert knowledge and support to the SOC (Security Operations Center) for effective incident management
  • Continuous Improvement:
  • Stay updated with the latest security threats, technologies, and best practices
  • Continuously improve security practices and processes within the product development lifecycle

Our take

The emergence of new digital communication technologies provides businesses with a great opportunity for growth. But regulated businesses need to ensure they carry out communications monitoring, archiving, and compliance to stay on the right side of regulators. This can be difficult to do with new tech - to the extent that some businesses are hesitant to adopt it at all.

Of course, there’s a substantial appetite for ways to get around this obstacle and therefore reap the business benefits of modern comms. Smarsh provides just that, with its suite of archive, storage, and monitoring tools. In the two decades since its founding, the platform has netted over 6,500 clients including top worldwide banks, brokerage firms, insurers, registered investment advisors, and state and local government agencies in the US.

This puts Smarsh in a formidable position going forward. The issue the company addresses is only getting more acute as the volume of communications increases, more tech is brought to market, and the hybrid work model pushes more communications online. Smarsh’s extensive, top-tier global reach will help it field this growing market opportunity.

Freddie headshot

Freddie

Company Specialist

Insights

Top investors

Few candidates hear
back within 2 weeks

-9% employee growth in 12 months

Glassdoor (2.8)

Glassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star icon

Company

Funding (2 rounds)

May 2015

$28m

LATE VC

Sep 2007

$15.6m

LATE VC

Total funding: $43.6m

Company benefits

  • Healthcare insurance: We provide medical, dental and vision insurance and a flexible spending account that allows you to set aside pre-tax dollars to pay for eligible out-of-pocket expenses
  • Personal time off: A healthy work-life balance is critical to your success at the office. Smarsh offers a "take-what-you-need" time off policy as well as flexible work arrangements
  • Recognition: We're big on kudos for a job well done. Our employee recognition program enables co-workers to nominate their peers who best embody our core values for recognition
  • Life and disability insurance: Fully paid life and disability insurance coverage is provided from the day you start your job
  • Wellness program: You're happier when you're healthier. So we reimburse a portion of employees' monthly health club expenses
  • Retirement savings: We match a percentage of your retirement savings contributions. Smarsh employer match invests immediately, so it's yours from day one
  • Sabbatical: The Smarsh sabbatical program provides a time to recharge, study or simply a time to do something you are passionate about away from the workplace. Employees are eligible after six years of service
  • Giving back: Through our community partnership program, Full Circle, employees make a positive difference and receive paid time off for Full Circle activities so they can support the organizations that matter most to them
  • Employee assistance program: We offer free and confidential assessments, short-term counseling, referrals and follow-up services to employees for personal or work-related issues to support their mental and emotional well-being
  • Cellphones: To support our mobile and geographically dispersed workforce, we offer corporate cellular plan discounts with both AT&T and T-Mobile
  • Getting here and home: Biking and taking public transit to work is not only cool but a smart and green thing to do. Smarsh proudly reimburses for monthly transit costs and biking expenses
  • Parental leave: We want to support our colleagues who are starting a family. Smarsh offers paid leave to help you welcome your new bundle(s) of joy into the world

Company values

  • We lead with excellence
  • We own the outcome
  • We act as one Smarsh

Company HQ

Portland Downtown, Portland, OR

Leadership

Stephen Marsh

(Founder)

Previously worked on capital market systems at Fidelity Investments, and then moved to a Senior Product Manager role at CCBN. They are also a board member at The Wild, Asset Compliance Inc., and ComplySci.

Salary benchmarks

We don't have enough data yet to provide salary benchmarks for this role.

Submit your salary to help other candidates with crowdsourced salary estimates.

Share this job

View 11 more jobs at Smarsh