Senior Director, Cybersecurity Engineering
You love working across teams in a large organization as well as building them. Getting down in the weeds and hands on managing, architecting and developing solutions that drive secure software is an exciting day for you. Taking an idea and seeing it through to an implemented solution brings joy to your day. You put your team first and enjoy mentoring and growing those that report to you.
About Your Day:
You will lead and grow our Product Security and Threat and Vulnerability Management teams. You’ll design our approach to application security as well as manage risks from internal and external threats to 2U. Most days you’ll work with your fellow team members as well as stakeholders across 2U to develop plans to mitigate threats and vulnerabilities. You’ll also assist those stakeholders with vulnerable systems or software to understand the risk and find the best and most appropriate solution for the threat. Keeping a constant pulse on threats that may face 2U you’ll provide that timely data to business owners on an appropriate cadence to enable proper management of those risks. You’ll also manage threat and vulnerabilities assessments in coordination with 2U’s compliance team. This role reports directly to the VP, Cybersecurity.
- 10 years of relevant application security, threat and vulnerability management and cybersecurity experience.
- Strong experience managing and building technical teams including remote employees.
- Strong background in software engineering and leading engineering teams.
- Experience in creating and managing budgets.
- Experience working closely with development teams to develop a Secure Software Development Life Cycle.
- Knowledge of industry certification, audit standards and cyber risk management.
- Experience developing KPI’s and SLA’s that result in action.
- Experience building and managing threat and vulnerability workflows from discovery to remediation.
- Experience in Agile and Devops environments.
- Strong comprehension of standards like CVE, CPE, CVSS.
- Develop and recommend remediation for vulnerabilities in conjunction with business and system stakeholders.
- Develop and deliver application security strategy
- Develop metrics to report on the efficacy of the threat and vulnerability management program.
- Mature and optimize 2U’s processes and workflows for managing threats and vulnerabilities.
- Create and implement automation wherever possible.
- Lead and manage all aspects of threat and vulnerability management.
- Lead, manage and monitor patch management.
Technology you might have experience with:
- Static code analysis tools
- Continuous integration and continuous delivery tools
- Tenable Nessus, Rapid7 Nexpose
- Any of the number of threat data feeds
- Vulnerability management and compliance processes
- GRC tools (Archer, MetricStream etc)
Books you might own or have read:
- Agile Application Security: Enabling Security in a Continuous Delivery Pipeline
- Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations
- Threat Modeling: Designing for Security
- Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis
- Data-Driven Security: Analysis, Visualization and Dashboards
- Security Risk Management: Building an Information Security Risk Management Program from the Ground Up
- NIST SP 800-40
About 2U Inc. (NASDAQ: TWOU)
We believe there should be no back row in higher education. For more than a decade, 2U, Inc., a global leader in education technology, has been improving lives by powering the world’s best digital education. As a trusted partner and brand steward of great universities, we build, deliver, and support online graduate programs and certificates for working adults. Our industry-leading short courses, offered by GetSmarter®, are designed to equip lifelong learners with in-demand career skills. To learn more about 2U and No Back Row®, visit 2U.com.
2U Diversity and Inclusion Statement
At 2U, we are committed to creating and sustaining a culture that embodies diverse walks of life, ideas, genders, ages, races, cultures, sexual orientations, abilities and other unique qualities of our employees. We strive to offer a workplace where every employee feels empowered by the ways in which we are different, as well as the ways in which we are the same.
Why It’s Great to Work at 2U
2U offers a high-energy work environment that’s both challenging and fun. We work hard, but our offices are casual and social places. We wear jeans to work and fuel brainstorming sessions with snacks and seltzer.
2U offers a comprehensive benefits package:
- Medical, dental, and vision coverage
- Life insurance, disability and 401(k)
- Unlimited snacks and drinks
- Tuition reimbursement program
- Generous paid leave policies including a PTO allowance for your vacation, personal, or sick days
- Additional time off benefits include:
- time off to volunteer for non-profit organizations
- parental leave after 12 months of employment
- holidays that include a winter break from Christmas through New Year and more!
Note: The above statements are intended to describe the general nature and level of work performed by individuals assigned to this position, and are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required. All employees may be required to perform duties outside of their normal responsibilities from time to time, as needed.
2U is an equal opportunity employer that does not discriminate against applicants or employees and ensures equal employment opportunity for all persons regardless of their race, creed, color, religion, sex, sexual orientation, pregnancy, national origin, age, marital status, disability, citizenship, military or veterans’ status, or any other classifications protected by applicable federal, state or local laws. 2U’s equal opportunity policy applies to all terms and conditions of employment, including but not limited to recruiting, hiring, training, promotion, job benefits, pay and dismissal.