Skip to main content

Manager, Secure SDLC

Security

We are seeking a highly motivated and experienced Manager of Application Security Services to join our Security Engineering team. This team works closely with the Security teams to identify, design, build, and improve application security processes and tools to continuously improve  security. Your subject matter experience, business acumen, and ability to influence stakeholders across the product and engineering teams will make you successful.

You should have strong problem-solving skills, excellent communication skills, an understanding of modern Internet threats, and the ability to influence people from customers to managers by creating win-win solutions. You should be open to new challenges, extremely good at multitasking, innovative, creative, self-directed and a great team player. You will drive continuous process improvement, and collaborate effectively with aggressive cross-functional business and software development teams to solve problems and implement new solutions. You must be able to work with multiple engineering teams to manage the execution of Product Security Reviews.

What you’ll do:

  • Establish Secure Systems Development Life Cycle (SDLC) practices including threat modeling and security testing

  • Perform security reviews for new products, technologies and services.

  • Collaborate with security engineers to define and document secure development practices and requirements to enable secure product development

  • Partner with multiple teams across multiple locations with varying sets of priorities to ensure a timely delivery of the secure solution.

  • Clarify and drive project commitments as well as establish and maintain clear chains of accountability.

  • Lead internal security projects, including the development and implementation of internal tools with end-to-end ownership

  • Security training and outreach to internal development teams

  • Collaborate with security experts to develop robust security guidance documentation

  • Identify opportunities for development of security assurance tools, automation and manage development efforts

  • Security metrics delivery and improvements

What you'll need: 

  • Bachelor degree in Computer Science, Engineering or related fields

  • Minimum of 5 years of professional experience in managing technical programs or projects including architecture, design, or implementation

  • 2+ yrs of experience with any cloud service offerings (Google, AWS , Azure) and related security controls

  • 3+ yrs of experience with and a strong foundational understanding of secure software engineering principles, distributed architectures

What will set you apart : 

  • Ability to communicate deep technical issues in terms of business risk with non-experts and senior leaders

  • Ability to lead through influence within a secure development life-cycle for multiple products and technologies, meeting customer expectations for security

  • Experience implementing security solutions that resolve security and business risk trade-offs

  • Experience working with stakeholders across many functions

  • Familiar with the implementation of enterprise's SDLC process, have work experience in building secure SDLC for IT companies

  • Familiar with black box testing methods and paths, able to independently complete source code auditing work, have hands-on experience in security design checklist;

  • Familiar with at least one programming language such as Java, Python, PHP, go, C, etc., and proficient in reading design documents and related codes

We offer comprehensive compensation and healthcare packages, 401k matching, paid time off, and organizational growth potential through our online learning platform with guided career tracks.

If this sounds like somewhere you want to work, don’t delay, apply today - we’re looking for you!

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Who is Equifax? 

At Equifax, we believe knowledge drives progress. As a global data, analytics and technology company, we play an essential role in the global economy by helping employers, employees, financial institutions and government agencies make critical decisions with greater confidence. ​​​​​​​ 

We work to help create seamless and positive experiences during life’s pivotal moments: applying for jobs or a mortgage, financing an education or buying a car. Our impact is real and to accomplish our goals we focus on nurturing our people for career advancement and their learning and development, supporting our next generation of leaders, maintaining an inclusive and diverse work environment, and regularly engaging and recognizing our employees. Regardless of location or role, the individual and collective work of our employees makes a difference and we are looking for talented team players to join us as we help people live their financial best. 

Working at Equifax

We believe in a growth mindset. At Equifax, this includes providing our employees opportunities to perform at their best and learn new skills along the way to inspire and build fulfilling careers.

Learn More

Laptopv2

Join our talent community

Learn about upcoming career opportunities and events at Equifax

Sign Up