Events  Classes  Deals  Spaces  Jobs  SXSW 
    Sign in  
 
 
Shutterstock is marketplace connecting creative professionals w/ best photos.
 
Product, Full Time    New York City    Posted: Wednesday, May 15, 2019
 
   
 
Apply To Job
 
 
 
JOB DETAILS
 

Shutterstock is seeking a Senior Level Security Professional to lead the Product & Application Security team.This individual will report to the Chief Information Security Officer & be responsible for validating that our services, applications & websites are designed & implemented to the highest security standards to protect our company & our customers. This role requires strong partnership with Shutterstocks Product, Engineering/DevOps, QA & Infrastructure teams to educate, inform & enforce security throughout the product & application lifecycle.

Responsibilities of this role include, but are not limited to, the following activities:

  • Review & advise on the security design of new products & applications
  • Identify gaps in existing security architecture & recommend improvements
  • Identify & monitor appropriate security check points in the systems development life cycle.
  • Implement application security activities as part of the CI/CD pipeline
  • Perform code review, penetration testing & vulnerability research
  • Analyze the security of native sites, mobile sites/app, APIs & desktop; where issues are discovered, work cross-functionally to prioritize resolution/mitigation
  • Point out common areas in web & mobile applications where developers need to be particularly conscious of security risks; Provide guidance for how to address each risk on common web stacks
  • Implement & manage/monitor Layer 3, 4 & 7 DDoS protection & management; layer 7 WAF management, bot mitigation & fraud prevention,
  • Oversee the bug bounty program for Shutterstock
  • Ensure customer-facing security remains up-to-date & intact: encryption (at rest, in transit), identity registration/login/password resets, & customer data flows & storage
  • Serve as a technical reference for developers & engineers
  • Understand emerging threats facing Shutterstock

Skills & Experience:

  • 7-10+ years of experience within information security & information technology
  • An understanding of web services, mobile applications, applied cryptography, & penetration testing
  • An understanding of network & web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
  • Proficient in standard security assessment & testing tools (code & application scanners)
  • Knowledge of common application security issues & remediation techniques (e.g. SQL injection, Cross Site Scripting, cookie replay, credential theft, dictionary attacks, session hijacking, etc.)
  • Required industry security certification (e.g., CISSP, CISM, CISA, CCSP, etc.).
  • Experienced in working with cloud infrastructures, AWS preferred: Software as a Service (SaaS), Platform as a Service (PaaS), & Infrastructure as a Service (IaaS) technologies
  • Leadership qualities with a proven track record of building a collaborative, motivated team environment.
  • Proven ability to develop effective partnerships with senior management & peer organizations. Must be able to explain technical concepts & problems to nontechnical senior executives effectively.
  • Strong written & verbal communication skills. Strong interpersonal skills, resourceful, responsive with strong follow through.


Supervision:

  • This role will manage people

About Shutterstock:

Shutterstock (NYSE: SSTK), directly & through its group subsidiaries, is a leading global provider of high-quality licensed photographs, vectors, illustrations, videos and music to businesses, marketing agencies & media organizations around the world. Working with its growing community of contributors, Shutterstock adds hundreds of thousands of images each week & has millions of images & video clips available.

Headquartered in New York City, Shutterstock has offices around the world & customers in more than 150 countries. The company also owns Bigstock, a value-oriented stock media agency; Shutterstock Custom, a custom content creation platform, Offset, a high-end image collection; PremiumBeat a curated royalty-free music library; Rex Features, a premier source of editorial images for the world's media.

For more information, please visit www.shutterstock.com & follow Shutterstock on Twitter, Facebook and Instagram.

Equal Opportunity Employer, M/F/D/V

 
 
 
Apply To Job
 
 
 
 
 
© 2019 GarysGuide      About   Terms   Press   Feedback