AppD Chief Information Security Officer
Location: San Francisco, California, US
Area of Interest: Customer Experience
Head of Security, AppDynamics
The AppDynamics product requires and receives enormous trust from our customers, and our commitment to security reflects that. We are seeking a senior security leader to champion, grow, and scale an already established function for a fast-growing SaaS-focused software company with very large enterprise customers. The role reports to the AppDynamics Chief Technology Officer with dotted line reporting responsibilities to the Cisco Chief Security & Trust Officer.
This role will be responsible for:
- Establish, measure, improve, and champion a program to make security a first-class citizen and strategic advantage for our product and processes.
- Lead a globally dispersed team of 40 highly skilled security professionals including directors, managers, and individual contributors.
- Manage budget for both OpEx and COGS investments.
- Ensure we are able to discover (through discovery, automation, bug bounties, red team programs, and more) and prioritize any and all security vulnerabilities in our software and infrastructure.
- Communicate prioritized vulnerabilities to product engineering and SaaS ops and help to ensure they get addressed in a timely manner.
Incident and Response
- Ensure any and all incidents are detected, addressed, and mitigated.
- Drive constant product and process improvements in response to incidents through forensics, RCA, reporting, and planning.
- Provide customer-facing support for the field in both pre- and post-sales to represent AppD as a secure and trusted partner in both the product we deliver and the work we do to implement it.
Strategy and Planning
- Consult with product management teams to ensure security is strategically represented in our product offering, both in our commitment to our own security and in any offerings we release designed to help customers with their own security.
- Provide consulting (and approval) services to our product engineering teams to ensure released software is secure by design.
- Work with product engineering to make sure core tools, technologies, and development lifecycles have security best practices built in, so that secure software is the path of least resistance.
Risk and Compliance
- Assess and prioritize risks in our processes, products, and assets across the company.
- Maintain compliance with necessary regulatory standards, including SOC-2, GDPR, and FedRAMP.
- Establish business strategy for attainment of new or emerging certifications.
- Ensure our product, engineering, and company leadership understand our security status, posture, top risks, and projects to address current issues and improve overall process.
- Partner with the central Cisco security team and sister organizations to drive best practices and economies of scale across Cisco’s cloud offerings.