Current jobs related to Director, Secure SDLC - Boston - Iron Mountain
-
Director, Security Engineering
2 weeks ago
Boston, MA, United States Pantheon Full timePantheon WebOps Platform powers the open web, running more than 300,000 sites in the cloud for customers including Google, Princeton, Salesloft, and Doctors Without Borders. Every day, thousands of developers and marketers create, iterate, and scale WordPress and Drupal sites to reach billions of people globally. Pantheon's multitenant, container-based...
-
Director, Security Engineering
4 days ago
Boston, MA, United States Pantheon Full timeAbout Pantheon Pantheon WebOps Platform powers the open web, running more than 300,000 sites in the cloud for customers including Google, Princeton, Salesloft, and Doctors Without Borders. Every day, thousands of developers and marketers create, iterate, and scale WordPress and Drupal sites to reach billions of people globally. Pantheon's multitenant,...
-
Global Information and AI Security Director
3 days ago
Boston, United States Boston Consulting Group Full timeLocations: Boston | AtlantaWho We AreBoston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation-inspiring complex change, enabling organizations...
-
Director of Security
2 weeks ago
Boston, United States Northeast Security Full timeDirector of SecurityNortheast security is seeking an Account Manager for one of our premiere Accounts in the area of Boston, MA**Must be available to be on call 24/7. Work schedule may include evenings or night shifts and weekends/holidays as determined and scheduled annually**salary range is $85K-$90K**Salary range is based on Location and client and...
-
Safety and Security Director
4 weeks ago
Boston, United States Boston Health Care for the Homeless Program Full timeSafety And Security DirectorWe are seeking a Safety and Security Director to join our team at Boston Health Care for the Homeless Program. As a Safety and Security Director, you will be responsible for the overall safety and security programs of the BHCHP locations, including the Barbara McInnis House, 33 Bradston Street, and our outreach clinics. In...
-
Boston, United States The Ceres Group Full timeWe are looking for an experienced, collaborative, and dynamic Data Management and Enterprise Analytics Director to lead the ongoing development and support of enterprise solutions for (i) data warehousing, (ii) enterprise analytics, (iii) integrations across our enterprise transaction systems (Workday, Salesforce, and SharePoint), and (iv) data collection...
-
Assistant Security Director
2 weeks ago
Boston, United States Northeast Security Full timeAssistant Security DirectorNortheast security is seeking an Assistant Account Manager for one of our premiere portfolios in Boston, MA!Pay Rate: $26.00**Must be available to cover various posts during the assigned shift. Work schedule may include evenings or night shifts and weekends/holidays as determined and scheduled annually** Assistant Security...
-
Senior Director, Security Architecture
3 days ago
Boston, MA, United States Oracle Full timeJob Description Oracle seeks a Senior Director of Security Architecture to lead enterprise-wide product security architecture for Oracle Cloud and Applications. You will set the strategy and operate a modern, risk-based security review program, champion a cloud-first threat modeling methodology, and leverage Oracle's world leading AI capabilities to increase...
-
Director of Security
23 hours ago
Boston, Massachusetts, United States NORTHEAST SECURITY Full time $60,000 - $85,000 per yearDirector of SecurityNortheast security is seeking an Account Manager for one of our premiere Accounts in the area of Boston, MA**Must be available to be on call 24/7. Work schedule may include evenings or night shifts and weekends/holidays as determined and scheduled annually**salary range is $60K-$85K**Salary range is based on Location, client and...
-
Safety and Security Director
3 weeks ago
Boston, United States Boston Health Care for the Homeless Program Full timeOverviewWe are seeking a Safety and Security Director to join our team at Boston Health Care for the Homeless Program. As a Safety and Security Director, you will be responsible for the overall safety and security programs of the BHCHP locations, including the Barbara McInnis House, 33 Bradston Street, and our outreach clinics. In addition, the security role...
Director, Secure SDLC
4 weeks ago
Director, Secure SDLC & Application Security Join to apply for the Director, Secure SDLC & Application Security role at Iron Mountain 1 day ago Be among the first 25 applicants This range is provided by Iron Mountain. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range $159,400.00/yr - $212,500.00/yr At Iron Mountain we know that work, when done well, makes a positive impact for our customers, our employees, and our planet. That’s why we need smart, committed people to join us. Whether you’re looking to start your career or make a change, talk to us and see how you can elevate the power of your work at Iron Mountain. We provide expert, sustainable solutions in records and information management, digital transformation services, data centers, asset lifecycle management, and fine art storage, handling, and logistics. We proudly partner every day with our 225,000 customers around the world to preserve their invaluable artifacts, extract more from their inventory, and protect their data privacy in innovative and socially responsible ways. Are you curious about being part of our growth story while evolving your skills in a culture that will welcome your unique contributions? If so, let's start the conversation. Job Summary We are looking for a highly influential and experienced Director, Secure SDLC & Application Security to mature and establish control gates across our secure software development environments and practices. This strategic role is responsible for embedding security into every stage of our Software Development Lifecycle (SDLC, SP 800-64), guided by the principles of the NIST Secure Software Development Framework (SSDF, SP 800-218). This position is pivotal in bridging our development, IT, and cybersecurity organizations. Reporting directly to the CTO with a dotted line to the CISO, you will be the central point of contact for application security. This role has a critical focus on ensuring our products meet the stringent compliance and security requirements of our U.S. government clients. You will lead the application security function with direct leadership responsibility for information security compliance within our Digital Business Unit, in partnership with the CISO organization. Your primary impact will come from partnering with and influencing development leaders to foster a culture where security is a shared responsibility. Key Responsibilities Strategic Ownership & Influence: Own the strategy for embedding security within the development lifecycle. Act as the primary security partner for development leaders, influencing technology roadmaps and architectural decisions to ensure security is built-in, not bolted on. Secure SDLC Partnership & Compliance: In partnership with the CISO organization, drive and manage key functions like threat modeling, automated testing, secure design reviews, and secure deployment practices. FedRAMP Application Compliance & Enablement: Partner closely with the CISO's FedRAMP Compliance and Governance teams. This role is responsible for ensuring that all applications are built to meet FedRAMP technical controls and that all required development documentation and evidence (e.g., system security plans, vulnerability scan reports, architectural diagrams) are properly created, maintained, and delivered for audits and to support Authorization to Operate (ATO) packages. Policy and Process Development: Establish, maintain, and enforce secure coding standards, vulnerability management procedures, and policies for the use of third‑party and open‑source software, with specific adaptations for government‑regulated environments. Business Unit Security Leadership: In partnership with the CISO organization, provide direct leadership for information security compliance across the Digital Business Unit's development and product functions, ensuring the unit's products and development practices align with all corporate and regulatory standards. Cross‑Functional Partnership: Serve as the key liaison between the CTO's engineering teams, the CISO's security organization, and the broader IT organization. Build strong, collaborative relationships to ensure seamless integration of security controls and processes. Tooling and Automation Integration: Drive the strategy for security tooling within the CI/CD pipeline, including compliance with Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA). Metrics and Dual Reporting: Develop KPIs to measure the effectiveness of the application security program. Provide clear, concise reports and updates on our software security posture to both the CTO and CISO. Qualifications and Skills 10+ years of experience in software development or information security, with at least 5 years in a leadership, principal, or senior role focused on application/product security. Demonstrable experience implementing and managing a secure SDLC based on a recognized framework like NIST SSDF (800‑218). Direct, hands‑on experience developing and securing applications within FedRAMP High and/or Moderate compliant cloud environments. Proven success in a matrixed environment, influencing change and driving initiatives across multiple teams and departments without direct authority. Work Authorization Applicants must be legally authorized to work in the United States without the need for current or future visa sponsorship. Technical Skills Expertise in threat modeling (e.g., STRIDE), secure coding practices, and modern application security vulnerabilities (OWASP Top 10). Hands‑on experience with security testing tools (SAST, DAST, SCA and penetration tests) and their integration into developer workflows (GitLAB and Veracode). Proven capability to utilize Tenable for enterprise‑wide vulnerability detection and compliance, driving remediation within SLA across diverse DevOps environments. Strong understanding of DevOps/DevSecOps principles and CI/CD pipelines. Experience building developer enablement programs covering secure coding, threat modeling, SBOM generation, and vulnerability management requirements. Define secure baselines for third‑party components, open‑source dependencies and container registries. Familiarity with cloud‑native security (AWS GovCloud, GCP, Azure Government). Influence And Communication Exceptional stakeholder management skills, with the ability to build consensus between engineering, security, and business leaders. Excellent ability to articulate complex security risks and concepts to varied audiences, from engineers to senior executives. Education And Certifications Bachelor’s degree in Computer Science, Information Security, or a related field; Master’s degree preferred. Relevant industry certifications (e.g., CISSP, CSSLP, GCSA) are highly desirable. Reasonably expected salary range: $159,400.00 - $212,500.00 Category: Information Technology Iron Mountain is a global leader in storage and information management services trusted by more than 225,000 organizations in 60 countries. We safeguard billions of our customers’ assets, including critical business information, highly sensitive data, and invaluable cultural and historic artifacts. If you have a physical or mental disability that requires special accommodations, please let us know by sending an email to accommodationrequest@ironmountain.com. See the Supplement to learn more about Equal Employment Opportunity. Iron Mountain is committed to a policy of equal employment opportunity. We recruit and hire applicants without regard to race, color, religion, sex (including pregnancy), national origin, disability, age, sexual orientation, veteran status, genetic information, gender identity, gender expression, or any other factor prohibited by law. Requisition: J0091444 Seniority level: Director Employment type: Full‑time Job function: Information Technology Industry: IT Services and IT Consulting #J-18808-Ljbffr
