BE PART OF BUILDING THE FUTURE.
What do NASA and emerging space companies have in common with COVID vaccine R&D teams or with Roblox and the Metaverse?
The answer is data, -- all fast moving, fast growing industries rely on data for a competitive edge in their industries. And the most advanced companies are realizing the full data advantage by partnering with Pure Storage. Pure’s vision is to redefine the storage experience and empower innovators by simplifying how people consume and interact with data. With 11,000+ customers including 58% of the Fortune 500, we’ve only scratched the surface of our ambitions.
Pure is blazing trails and setting records:
- For eight straight years, Gartner has named Pure a leader in the Magic Quadrant
- Our customer-first culture and unwavering commitment to innovation have earned us a certified Net Promoter Score in the top 1% of B2B companies globally
- Industry analysts and press applaud Pure’s leadership across these dimensions
- And, our 4,000+ employees are emboldened to make Pure a faster, stronger, smarter company as we go
If you, like us, say “bring it on” to exciting challenges that change the world, we have endless opportunities where you can make your mark.
SHOULD YOU ACCEPT THIS CHALLENGE.....
Pure Storage (PSIRT) Security Incident Manager is responsible for scoring / re-scoring security vulnerabilities, working closely with security engineering to identify final attribution for fix/risk mitigation of security vulnerabilities, working cross functionally across teams to document and publish security advisories as required.
A successful candidate will have demonstrated experience in the lifecycle of a security vulnerability investigation, through to eventual CVE publishing if required.
This role entails a high level of cross functional engagement. A successful candidate will be task driven, very focused on task completion. In addition to responsibilities relating to security vulnerability investigation, a successful candidate will also engage in identifying and leading implementation of improvements with Produce Security Incident Response.
As a senior role within CX, a PSIRT Security Incident Manager will also lead company wide efforts in conjunction with other CX, Engineering, Legal, PR Sales resources to coordinate Pure’s response to industry wide security vulnerabilities.
PSIRT Security Incident Manager will:
- Promptly assemble and lead a cross-functional team to engage/ mitigate security incidents
- Own resolution(s) on executive-level customer and product escalations relating to security
- Drive communication with senior-level client stakeholders on a business as well at a technical level
Job Responsibilities will include:
- Act as the customer advocate in managing security risks, ensuring issues are prioritized and remediated at an appropriate velocity, and escalate to senior leadership as needed
- Lead security initiatives and serve as the central point of contact for Pure Storage Engineering, QA, Product Management to own coordination of actions associated with internally and externally identified vulnerabilities
- Collaborate with Product Engineering to prioritize resolution to security vulnerability exploits; program manage Product Security Vulnerability fix and integration (release roadmap/ and communications); document/publish internal/external messaging to communicate the status of fix/integration details to Pure Executive leadership (Estaff)
- Communicate quickly and effectively with engineers, various stakeholders, and customers about security issues as well as author technical documentation on security issues (i.e. mitigations and fixes) in a clear and easy-to-understand manner
- Drive post mortem and lessons learned on all systemic security incidents/ vulnerabilities, which may include a full follow-through, documentation, and implementation of all associated corrective actions
- Execute work against long-term goals and initiatives to support Pure Storage overall security posture and roadmap
- Strong people and project management skills with a minimum of 12 years of experience supporting Fortune 500 companies, preferably in Enterprise storage, virtualization, networking, or Enterprise applications industry
- 7+ years of Critical Incident Management experience with the ability to work in a highly-matrixed environment
- CVSS (Common Vulnerability Scoring System) experience is required
- Bachelor’s degree required; equivalent experience considered
- Able to multitask, influence, negotiate, and delegate with a strong sense of urgency and accountability
- Manage crisis situations outside of normal working hours as needed
- Dedication to understanding cause and effect- ability to unravel complicated problem statements and work with cross-functional teams to determine required areas of improvement
- Ability to create policies and processes where they do not exist, develop and implement governance where required, and bring order where there is complexity and uncertainty.
- Adapt to change and effectively organize work according to business priorities
Specific technical and business problem knowledge in one or more of the following areas:
Vendor ecosystem knowledge
Enterprise Cyber Risk Management
Security Strategy and Governance
Regulatory Compliance services (FCA, PRA, GDPR)
Security Framework (NIST, ISO27001, Cyber Essentials, etc.)
Threat Intelligence Services
Certifications - hold an industry-recognized certification such as CISM, CISSP, CRISC, or equivalent
The annual base salary range is: $95,000 - $204,000. Salary ranges are determined based on role, level and location. For positions open to candidates in multiple geographical locations, the base salary range is reflective of the labor market across the applicable locations. This role may be eligible for incentive pay and/or equity. And because we understand the value of bringing your full and best self to work, we offer a variety of perks to manage a healthy balance, including flexible time off, wellness resources, and company-sponsored team events - check out purebenefits.com for more information.
BE YOU—CORPORATE CLONES NEED NOT APPLY.
Pure is where you ask big questions, think differently, and make an impact. This is not just a job, but a place where you have a voice and can accelerate your career. We value unique thoughts and celebrate individuality, and with ample opportunity to learn, develop yourself, and expand into different roles, joining Pure is an investment in your career journey.
Through our Pure Equality program, which supports a flourishing field of employee resource groups, we nourish the personal and professional lives of our team members. And our Pure Good Foundation gives back to local and global communities through volunteering and grants.
And because we understand the value of bringing your full and best self to work, we offer a variety of perks to manage a healthy balance, including flexible time off, wellness resources, and company-sponsored team events.
PURE IS COMMITTED TO EQUALITY.
Research shows that in order to apply for a job, women feel they need to meet 100% of the criteria while men usually apply after meeting about 60%. Regardless of how you identify, if you believe you can do the job and are a good match, we encourage you to apply.
Pure is proud to be an equal opportunity and affirmative action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or any other characteristic legally protected by the laws of the jurisdiction in which you are being considered for hire.
If you need assistance or an accommodation due to a disability, you may contact us at TA-Ops@purestorage.com.
APPLICANT & CANDIDATE PERSONAL INFORMATION PRIVACY NOTICE.
If you're wondering how or why Pure collects or uses information you provide, we invite you to check out our Applicant & Candidate Personal Information Protection Notice.
DEEMED EXPORT LICENSE NOTICE.
Some positions may require a deemed export license for compliance with applicable laws and regulations. Please note: Pure does not currently sponsor deemed export license applications so we are unable to proceed with applicants requiring stated sponsorship.
PURE’S COMPLIANCE WITH THE U.S. GOVERNMENT COVID-19 MANDATE
In accordance with Pure’s policies, current and anticipated federal regulations, and our ongoing commitment to prioritizing the health and well-being of our employees, partners, and customers, and the community at large, where permitted by law, all Pure employees and contractors working in the United States are expected to be fully vaccinated against COVID-19 prior to your start date. Should you require an exemption for medical or religious reasons, you must initiate Pure’s exemption request process which will determine if an exemption can be granted in accordance with applicable local, state, and/or federal law.