Product Security Engineer

Esri   •  

Redlands, CA

Industry: Information Technology


Less than 5 years

Posted 58 days ago

This job is no longer available.


  • Identify changing security risks and impact to customers; recommend which security capabilities and certifications should be prioritized and built
  • Review customer product security questionnaires and contractual requirements for areas of compromise and discuss solutions with the security architect
  • Act as SME for product security and certifications among our technical support, sales, and partner teams; provide regular updates in Loopio system and answer incoming questions
  • Collaborate with legal team to ensure clarity and feasibility of contractual requirements related to security
  • Coordinate an ongoing internal program that educates software development managers about security and privacy trends and advises them on software development standards and security validations
  • Contribute to security best practice whitepapers for internal and external use by collaborating with product teams
  • Assist with FedRAMP program by researching and assessing new cloud technologies, performing threat modeling to identify risk, and recommending tools to support our internal operations


  • 2+ years of cyber security experience with cloud environments such as MS Azure or AWS and/or on-premises enterprise-class products
  • Knowledge of the ArcGIS platform or a product suite of similar complexity
  • Proven experience aligning products or services with security and privacy standards such as CJIS, HIPAA, FedRAMP, NIST, Cybersecurity Framework, GDPR
  • In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25
  • Exceptional problem-solving and creative thinking skills
  • Excellent verbal and written communication skills
  • Willingness to travel and present at Esri conferences
  • Bachelor's or master's in computer science or related field, depending on position level

Recommended Qualifications

  • Knowledge of California privacy regulations to take effect in 2020
  • Cloud and security industry certifications such as AWS and Azure, SSCP, CCSP
  • Experience presenting to large audiences of varying IT backgrounds
  • Experience with web and mobile platform security
  • Experience with contractual/legal agreements related to GDRP and HIPAA
  • Security certifications used by federal, law enforcement, and healthcare organizations

About Esri