Product Security Leader

Date: Sep 17, 2022

Location: Downers Grove, IL, US

Company: Dover Corporation

Dover is a diversified global manufacturer with annual revenue of over $7 billion. We deliver innovative equipment and components, specialty systems, consumable supplies, software and digital solutions, and support services through five operating segments: Engineered Products, Fueling Solutions, Imaging & Identification, Pumps & Process Solutions and Refrigeration & Food Equipment. Dover combines global scale with operational agility to lead the markets we serve. Recognized for our entrepreneurial approach for over 60 years, our team of approximately 24,000 employees takes an ownership mindset, collaborating with customers to redefine what's possible. Headquartered in Downers Grove, Illinois, Dover trades on the New York Stock Exchange under "DOV." Additional information is available at dovercorporation.com. 

The Role: The Product Security Leader is responsible for the implementation and execution of security programs and practices to support a range of Business units (OpCo) at Dover Corp. This position will work across IoT, Software and cloud development teams to identify component and system level technical risks and evaluate critical failure points, determine technical security controls to mitigate risks, and work with cross functional teams to implement features according to product road maps.

 

This role will be based out of our Downers Grove, IL location or remote. 

 

Essential Duties/Principal Responsibilities

  • Work with the devops and systems teams to identify the right security architecture for implementing new solutions, products and modules. Develop, implement and maintain product security strategy for the entire business unit product portfolio covering IoT and, Smart-device suites
  • Conduct complete lifecycle security architecture and technical assessments for a wide range of products, including embedded devices, enterprise software solutions, cloud applications and mobile apps
  • Provide guidance and leadership on best practices regarding security in software and firmware development
  • Contribute to the development and evolution of the application and infrastructure security reference architecture. Develop, implement, and maintain the security architecture for the business unit product portfolio
  • Champion the security SDLC. This includes security requirements, threat modeling, security testing, penetration testing, and identifying and fixing vulnerabilities in software and applications on all business unit products.
  • Implement or manage the implementation of common application security controls
  • Support commercial teams by building customer trust in the security of Dover products
  • Expert level operational support for security escalations from customers
     

Minimum Qualifications: Education, Experience, Skills, Abilities, License/Certification:

  • BS in a technical discipline with 5-7+ years of experience
  • Demonstrated expertise in product/application security architecture, Network security, application security, web services
  • Experience with SAST, DAST, SCA and penetration testing tools
  • In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 IoT Top 10 and CWE Top 25
  • Experience in leading development teams and working with Agile methodologies
  • Knowledge of secure infrastructure architectures, application architectures, encryption, Cloud Security, and broader security technologies.

    Preferred Qualifications
  • Relevant cyber security certifications:
  • CSSLP / CSSP
  • Graduate degree in a technical discipline
  • Experience in software development
  • Experience with cloud IaaS security operations

 

 

Our ideal candidate would have started as a PRODUCT software developer in Cloud or IoT development, experience working with product management, customers and business leadership. They would have then developed a specialization in security, ideally in security architecture.

 

Travel: Up to 20%

All qualified applicants will receive consideration for employment without discrimination on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information, or any other factors prohibited by law.

 


Job Segment: Cloud, Embedded, Testing, Firmware, Technology, Marketing