Environmental Systems Research Institute, inc.
Receive alerts when this company posts new jobs.
Product Security Engineer
at Environmental Systems Research Institute, inc.
- Job Category
- Software Development/Engineering
- Job ID
Esri is committed to delivering secure geospatial software and services that meet the needs of customers, including large organizations that span the globe. Esri has always taken the security of its products seriously, and our team is focused on embedding security and privacy into the development life cycle of our ArcGIS platform including SaaS offerings such as ArcGIS Online. In this role, you will apply your cybersecurity expertise to serve as a subject matter expert for colleagues and customers who depend heavily on the security of Esri products.
- Identify changing security risks and impact to customers; recommend which security capabilities and certifications should be prioritized and built
- Review customer product security questionnaires and contractual requirements for areas of compromise and discuss solutions with the security architect
- Act as SME for product security and certifications among our technical support, sales, and partner teams; provide regular updates in Loopio system and answer incoming questions
- Collaborate with legal team to ensure clarity and feasibility of contractual requirements related to security
- Coordinate an ongoing internal program that educates software development managers about security and privacy trends and advises them on software development standards and security validations
- Contribute to security best practice whitepapers for internal and external use by collaborating with product teams
- Assist with FedRAMP program by researching and assessing new cloud technologies, performing threat modeling to identify risk, and recommending tools to support our internal operations
- 2+ years of cyber security experience with cloud environments such as MS Azure or AWS and/or on-premises enterprise-class products
- Knowledge of the ArcGIS platform or a product suite of similar complexity
- Proven experience aligning products or services with security and privacy standards such as CJIS, HIPAA, FedRAMP, NIST, Cybersecurity Framework, GDPR
- In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25
- Exceptional problem-solving and creative thinking skills
- Excellent verbal and written communication skills
- Willingness to travel and present at Esri conferences
- Bachelor’s or master’s in computer science or related field, depending on position level
- Knowledge of California privacy regulations to take effect in 2020
- Cloud and security industry certifications such as AWS and Azure, SSCP, CCSP
- Experience presenting to large audiences of varying IT backgrounds
- Experience with web and mobile platform security
- Experience with contractual/legal agreements related to GDRP and HIPAA
- Security certifications used by federal, law enforcement, and healthcare organizations
Our passion for improving quality of life through geography is at the heart of everything we do. Esri’s geographic information system (GIS) technology inspires and enables governments, universities, and businesses worldwide to save money, lives, and our environment through a deeper understanding of the changing world around them.
Carefully managed growth and zero debt give Esri stability that is uncommon in today's volatile business world. Privately held, we offer exceptional benefits, competitive salaries, 401(k) and profit-sharing programs, opportunities for personal and professional growth, and much more.
Esri is an equal opportunity employer (EOE) and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.
If you need a reasonable accommodation for any part of the employment process, please email firstname.lastname@example.org and let us know the nature of your request and your contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.