Sr Manager, Global Information Security (San Jose, CA)

February 9, 2010

in HTML, Programming Jobs

Responsibilities:

• You will protect the eBay, Inc. community by developing, organizing and leading a world-class information security team.

• You are a highly experienced and self-motivated technical manager who will lead a team of security experts responsible for securing eBay’s online presence and related public facing product lines globally.

• You are a seasoned high energy leader that has experience managing high performance teams, building a culture of dependable execution and delivery, while simultaneously fostering innovation within those teams.

• You will collaborate with product management, product development, application architecture, security architecture, site operations, network security, and other key stakeholders to secure the existing platforms of eBay and to innovate new platforms/technologies that enable the business to grow while ensuring the trust and security of the marketplace.

• You will provide the product security vision, develop security strategies and lead a team tasked with researching emerging classes of security vulnerabilities, modelling associated threats and efficiently penetration testing eBay Marketplaces platforms against those threats.

• You will transcend the technical understanding of a security issue/decision and be able to present the “So What?” to executive management in the terms and language of risk/reward to the business.

• You will consult on implementation of changes to enhance system, application and network security while maintaining a focus on driving down cost and friction to customers and stakeholders.

• You will be part of a security oncall phone rotation and periodically escalated to in order to provide security expertise during critically escalated events and investigations.

Qualifications:

Technical Attributes Required:

• Bachelor’s Degree (CS, EE or Equivalent)

• Total of 10+ years in the area of Operations, Network Security, Application architecture or Information Security.

• High degree of expertise in building and driving world-class programs around: security threat modeling, application penetration testing, application code review, mitigation/remediation and security design consulting.

• Experience managing and working with security researchers, whose body of work is well known and respected throughout the security research community. Experience with coordinating and managing security conference presentation of this research is considered a plus.

• Experience working in a professional environment involving highly available, global applications and site-critical functions.

• Experience designing, building and working with non-traditional platforms and cutting edge technologies required.
• Experience holding technical patents (or pending patents) in the areas of security innovation is considered a plus.

Personal / Managerial Attributes Required:The candidate must possess:

• an extreme sense of professionalism and ethics.

• the ability to build, motivate and lead a global team of top level security experts.

• the ability to communicate effectively at all levels of management while understanding the motivations and background of the audience

• strong technical documentation and presentation skills. The candidate must be comfortable presenting to the public and understand how to professionally interact with the press/media.

• the ability to influence others and achieve results across corporate boundaries and functions.

• endless energy and a deep enthusiasm/interest for information security and related disciplines.

• experience working as a member of a large scale global security team with responsibilities for security of product/customer focused solutions.

• experience and personal industry network for collaborating with the product security / engineering teams of other major online companies and internet infrastructure players is a plus.

• experience with a major security consulting firm is a plus.

Experience in the following fields is required:

• Security assessments & vulnerability scanning

• Penetration testing / ethical hacking

• Risk analysis & security threat modelling

• Application security audit and scanning tools and techniques

• Working knowledge of network devices, firewalls, IDS/IPS.

• Working knowledge of TCP/IP protocols and network architecture.

• Working knowledge of web-based applications and associated attack vectors.

• Working knowledge with UNIX and Windows based operating systems.

• Experience with writing and reviewing C, Java, Perl, PHP, Python, HTML, Javascript, Flash and shell scripting is a plus.

• Experience conducting investigations and file level/bit level forensics using EnCase and other common investigative tools is a plus.

Certifications considered a plus:

• CISSP/CISM, EnCE, GCFA Security, SANS certificates.

To apply for this position, please CLICK HERE

ARBEBAY7040-732200

Twitter Delicious Stumble Upon Facebook Digg Linked In Technorati Netvibes Yahoo Google Blogger Wordpress

Tags: , , , ,

Leave a Comment

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>