Manager, Cybersecurity Engineering

The Manager, Cybersecurity Engineering position is a hands-on role that involves evaluating and enforcing security and compliance controls. This position plays an integral role in protecting the Cornerstone OnDemand (CSOD) from internal and external threats and works closely with our technology teams to define the security best practices, perform architecture and design reviews, threat modeling, conduct security assessments, and support the identification, interpretation, and remediation of threat and vulnerabilities across CSOD tech stack.

We are looking for someone with a strong background in information security and a proven ability to deliver under pressure

In this role you will

Design, develop, coordinate, and document the secure operation of information systems and develop best practices for securing enterprise-wide data and information systems

Define, scope and drive cloud security initiatives to ensure we can continue to secure all-important and sensitive data across our fast-growing organization

Participate in architecture and design reviews with development/DevOps staff to incorporate effective security standards into design

Proactively monitor security levels of cloud environments (AWS, GCP), IT systems and establish baseline security models including patching, vulnerabilities, CIS, and endpoint controls

Working with Enterprise Architects and other functional area architects and security engineers to ensure adequate security solutions are in place throughout all CSOD systems and platforms to mitigate identified risks sufficiently and support business objectives

Evaluate and respond to global information technology security threats in relation to systems and recommend security changes in response to emergent threats

Implement and maintain technology solutions to support compliance frameworks requirements including SSAE18, FedRAMP, ISO 27001 and PCI-DSS

Must be able to perform hands-on support for a wide range of security technologies including, but not limited to: Pipeline security, DevSecOps, SIEM, IPS, Vulnerability Scanners

Manage team of security engineers

Youve got what it takes if you have

Bachelors degree in an Information Technology related field of study or equivalent post-high school education and/or work-related experience

8+ years of experience in system, network, and/or cloud security.

Knowledge and clear understanding of cloud-based infrastructures/software and how they affect security needs.

Working knowledge of AWS architecture, services, and security is a plus

Experience implementing security practices in CI/CD environment,

Self-motivation and the ability to work under minimal supervision are a must

Excellent at multitasking, and open to constant learning

Energetic and positive attitude

Excellent problem solving and analytical skills; outstanding oral and written communication skills

An extra dose of awesome if you have

Knowledge of microservices architectures

Experience working on security responsibilities for a SaaS or PaaS solutions, preferably in AWS

Basic knowledge of SQL and prior experience with programming in one or more server-side technologies such as ASP.NET Core or scripting (Python, Shell)

Thorough understanding of SDLC and software security maturity models such as Building Security In Maturity Model (BSIMM) or OWASP Software Assurance Maturity Model (SAMM) is a plus

Experience conducting secure code development training

Knowledge of cryptographic tools and/or security APIs

Equal Employment Opportunity has been, and will continue to be, a fundamental commitment at Cornerstone OnDemand. All qualified applicants are given consideration regardless of race, color, gender, age, sexual orientation, national origin, marital status, citizenship status, disability, veteran status, or any other protected class as provided in applicable Federal, State, or Local fair employment laws. If you have a disability or special need that requires accommodation, please contact us at ...@csod.com