Security Partner at Adobe

Our Company

Changing the world through digital experiences is what Adobe’s all about. We give everyone—from emerging artists to global brands—everything they need to design and deliver exceptional digital experiences! We’re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen. 

We’re on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!

The Opportunity

The Adobe Security team is seeking a thoughtful, passionate information security professional to play a key role in enabling a culture of security throughout our product engineering teams. As a Security Partner, you are a key interface in our global workforce between the product management, engineering, cyber security, and compliance teams as we develop and improve our Security products. In this position, you will be driving the internal certification and accreditation processes and procedures, vulnerability management, and incident response for your product portfolio as well as leading efforts to increase security awareness through education.

Key Responsibilities (how):

• Analyze security risks using real-world security data and systems automation.
• Maintain up-to-date knowledge related to security threats, vulnerabilities, and mitigations set forth to reduce the attack surface; circulate this knowledge through the business units.
• Frequently document and communicate product security progress and risks to senior business unit leadership.
• Contribute to security program development by identifying new or emerging opportunities to apply security principles and technologies.
• Lead product-level security objectives and priorities to ensure timely and effective completion, including setting deadlines, prioritizing tasks, and assigning team members to various programs/projects.
• Contribute to the production and improvement of the content, quality, and design of reporting dashboards, supporting Adobe’s efforts to develop a reliable reporting medium by collecting requirements, then proceeding to design and implementation phases.
• Foster close, cooperative relationships with peer leaders, leadership, and other teams in efforts to maintain cross-functional alignment.
• Elevate any risks and issues. Solicit feedback to shape, communicate, and track key deliverables and drive prioritization across and within projects and programs.
• Seek to understand the big picture objectives, clarify end goals, and look to be a strategic partner with management in driving the strategy and accomplishing security goals.
• Serve as a trusted aide to business unit leadership to improve overall product security posture.
• Work independently with a geographically dispersed team.

What You’ll Need to Succeed

• Master’s degree in computer science, engineering, cybersecurity or a related field, or a bachelor's degree with 8+ years of experience in a similar security role.
• Outstanding organization skills, strong planning skills, communication skills, and high attention to detail. The position requires speaking publicly to senior leadership and customers.
• Proven track record building technical rapport and enduring relationships within diverse teams.
• Solid understanding of public cloud infrastructure and architecture (AWS, Azure, GCP) and associated security concepts and challenges.
• Solid understanding of foundational security principles, techniques, and standard methodologies such as authentication, authorization, logging, baselines, data handling, and SPLC.
• Solid knowledge of application & operations security vulnerabilities (e.g., OWASP Top 10) and mitigation techniques.
• Ambitious and driven, with excellent interpersonal and communication skills.
• Ability to multitask and switch between multiple high urgency projects.
• Experience with emerging threats, mitigations, and industry trends.
• Familiarity with compliance frameworks such as FedRAMP, ISO 27001, SOC2, HIPAA, FERPA, and PCI.
• Experience leading projects and programs, especially within the Cybersecurity domain.
• Experience working in an engineering and software development organization and within the Secure Development Lifecycle.
• Experience working with Lean Enterprise/Agile/DevOps/SecDevOps development frameworks.
• Strong experience working with SaaS/cloud delivered solutions.
• Knowledge and experience working with common security tools: Kali Linux, Nessus, Qualys, BurpSuite, etc.
• Solid knowledge and understanding of containerized applications: Docker, OpenShift, Kubernetes, etc.
• Industry Certifications such as CISSP, CASP+, CISM, CISA, GCIH, CFCE, GCFA, and/or GCFE, or equivalent job experience.