Job Description

Fortive is currently seeking a seasoned DevSecOps Manager to join the growing global Security team. We are looking for an experienced DevSecOps Manager - Secure Coding Subject Matter Expert to join our Product Security function to provide guidance, support and measurement as it relates to secure design, secure coding, security testing and automation to enable DevOps teams to securely build software applications and systems. You will work with management, product development engineering, and operations teams on cross-functional projects throughout the organization to enhance the security posture across the enterprise product portfolio, perform training, add context and priority to security related findings, and support the Incident Response team as needed. This role requires enthusiasm, attention to detail, and an insatiable commitment for positive outcomes. This position will report directly to the director of product security. Key Duties and Responsibilities: Ownership of the Secure Coding Program including the ownership for the development, testing, and delivery of processes and tools to streamline secure coding practices, tooling, implementation, and continuous compliance. Act as a security advisor to developers, architects, engineers, security engineers and other stakeholders to ensure we design confidentiality, integrity, resiliency, and privacy into Fortive\'s products and services. Build, train and mentor product developers, engineers, and DevOps teams across the enterprise in secure coding practices. Work with the product teams to support proactive research in the area of security coding and integrate new languages and investigate new tooling to mitigate new emerging threats, vulnerabilities, tactics, techniques and procedures. Integrate Secure Coding toolsets into product teams CI/CD pipelines. Integrate SAST findings into product team agile management tooling (e.g., Jira) Create Key Performance Indicators (KPI) to accurately measure cyber security activities aligned with current business strategies and risk management frameworks. Work with standardization and regulatory frameworks such as FedRAMP, ISO 27001, CIS Critical Security Controls, NIST CSF frameworks, Cloud Security Alliance, PCI DSS, GDPR Other duties and obligations as assigned by the Director of Product Security Minimum Qualifications Demonstrated experience managing secure coding initiatives in a highly fluid enterprise-level product and service development environment; Experience managing vendors and service providers and performing oversight for the delivery of security capabilities; Significant technical knowledge of product development languages, secure coding standards, product security programs, concepts, processes, trends, and best practices; Demonstrated knowledge of aligning secure coding practices with current compliance frameworks. Preferred Qualifications: 8-15 years relevant experience Strong background in secure coding; deep knowledge of security standards, protocols and methodologies Excellent problem-solving and analytical skills with the ability to evolve product security and secure coding practices based on research, data, and industry trends Mastery level experience using multiple programming languages such as C, C++, Java, .Net, Go, and Rust, associated secure coding practices, mapping secure coding standards to practices which satisfy security requirements, coordinating efforts to scope, implement then deploying secure coding practices in automated ci/cd environments Strong focus on API secure coding and Web Application secure coding Strong communication and presentation skills with the ability to interact at all levels of the organization. Proven success managing cross-functional enterprise security programs Possess a passion and drive for cyber-security, with an active interest and knowledge of current trends and emergent threats Experience on Orchestration/automation solutions would be helpful. Strong ethics, integrity, attention to detail, and self-motivation to succeed against challenges Proven capability and desire to diligently deliver high quality work, as an individual or part of a team, to agreed specifications and timelines Demonstrable strong verbal and written communication skills, when communicating with peers, seniors, juniors, or customers Experience in product development, quality assurance, or a Security related role within a product development team. Familiarity, understanding and demonstration of the \'attacker mind-set\', towards providing better coverage against threats. Fortive Corporation Overview Fortive\'s essential technology makes the world stronger, safer, and smarter. We accelerate transformation across a broad range of applications including environmental, health and safety compliance, industrial condition monitoring, next-generation product design, and healthcare safety solutions. We are a global industrial technology innovator with a startup spirit. Our forward-looking companies lead the way in software-powered workflow solutions, data-driven intelligence, AI-powered automation, and other disruptive technologies. We\'re a force for progress, working alongside our customers and partners to solve challenges on a global scale, from workplace safety in the most demanding conditions to groundbreaking sustainability solutions. We are a diverse team 18,000 strong, united by a dynamic, inclusive culture and energized by limitless learning and growth. We use the proven Fortive Business System (FBS) to accelerate our positive impact. At Fortive, we believe in you. We believe in your potential-your ability to learn, grow, and make a difference. At Fortive, we believe in us. We believe in the power of people working together to solve problems no one could solve alone. At Fortive, we believe in growth. We\'re honest about what\'s working and what isn\'t, and we never stop improving and innovating. Fortive: For you, for us, for growth. Ready to move your career forward Find out more at careers.fortive.com. FOR000873

foundit