Senior Staff - Product Security

Director, Information Security

What You Will Be Doing

ChargePoint is looking for a Sr. Staff – Product Security engineer who will help develop our product security strategy, implement tools, architect our product security roadmap, develop process, perform threat assessment and security reviews, and work with different team leaders to implement a security by design culture as part of our product lifecycle. This role will be responsible for providing guidance, advice, oversight, and implementation of controls on product security matters.

As a Product Security engineer, you will design security controls and help validate that our services, applications, stations, and emerging technologies are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering, and addressing security issues, designing security automation, and decisively taking action to mitigate emerging threats throughout a full secure development life cycle (SDLC). This role will provide career growth opportunities as you gain new security skills in the course of your work. You have an opportunity to experiment, learn, build tools, and work with teams building new technology and services at massive scale in the EV charging space.

What You Will Bring to ChargePoint

• Experience building relationships with key stakeholders across the business to understand their current and planned product activities (application and embedded)
• Experience developing processes and policies to mitigate key product risks
• Performing security assessments, identifying, and mitigating risks through effective tools, processes, training, and guidance. Managing product risk assessments and remediation plans
• Supporting the integration of security standards, controls, policies into the SDLC
• Developing and managing a comprehensive product security training program and promoting security awareness throughout the product team agenda
• Leading internal product meetings to present key product security metrics and risks to senior leadership
• Influence decision-makers and stakeholders to achieve a consistently high security bar
• Lead security projects (including security reviews, tool development, and creation of new security practices) with end-to-end ownership
• Experience working with engineering teams to design and implement security controls
• Support for mentoring, team building and recruiting activities

Requirements

• Eight (8) + years of dedicated working knowledge, and real-world experience of product security best practice across multiple functions and geographies
• Experience working with security requirements and regulations related
• Experience building, reviewing, and managing threat models / assessments
• Experience implementing security by design culture
• Experience with one or more programming languages (such as Java, C++, PHP, others) for the purpose of code review
• An understanding of networking and communication protocols (such as TCP/IP, UDP, SSL/TLS, IPSEC, HTTP, HTTPS, BGP)
• Ability to lead through influence within a secure development life cycle for multiple products and technologies, meeting customer expectations for security
• Demonstrate ability to clearly identify business and regulatory implications of analysis and findings and propose strategic solutions
• Customer and organizational data literacy on processing, usage, management
• Ability to manage multiple stakeholders, understand technology and commercial concepts quickly
• Strong relationship’s skills / ability to communicate effectively both in writing and verbally
• Ability to identify and mitigate product security risks with the ability to understand materiality of risks and prioritize / differentiate response accordingly
• Experience in implementing and managing product security tools (good to have)
• Experience in the automotive or EV charging industry (good to have)
• Experience with embedded / hardware security (good to have)

Location

Remote location in U.S.

We are committed to an inclusive and diverse team. ChargePoint is an equal opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status.

If there is a match between your experiences/skills and the Company needs, we will contact you directly.

ChargePoint is an equal opportunity employer. Applicants only - Recruiting agencies do not contact.