Senior Technical Product Manager

About the Job

The Senior Technical Product Manager is assigned to the Security Best Practices & Automation team at the Center for Internet Security. Reporting to the Director of Benchmarks Development, the Senior Technical Product Manager will partner with other cybersecurity team members to promote the CIS mission and help support our growth. The primary purpose of this position is to coordinate the continual development and periodic (monthly, quarterly, etc.) release of consensus-based, industry standards and solutions for systems security and associated standards-based assessment and remediation schemas, definitions, etc.

Duties and Responsibilities

  • Lead and manage consensus teams on continual development and periodic release (monthly, quarterly, etc.) of configuration security best practice guidance for IT assets, such as operating systems and server and application software.
  • Coordinate and join in the continual development and periodic release (monthly, quarterly, etc.) of automatable security assessment and remediation content in Extensible Markup Language (XML)-based schemas, including Extensible Configuration Checklist Description Format (XCCDF), Open Vulnerability and Assessment Language (OVAL), Embedded Check Language (ECL), Group Policy Objects (GPOs), Puppet modules and/or other formats.
  • Directly support the maintenance and strengthening of relationships with software developers/providers, security assessment product vendors, government partners (e.g. NIST, NSA), other security community leaders and groups, etc. to improve the effectiveness and efficiency of CIS Security Benchmarks products and services in addressing the most critical security needs.
  • Serve as a technical expert on communications with CIS Security Benchmarks members and prospects.
  • Perform other duties as assigned.

Required Qualifications

  • Completion of a Bachelor's degree in Computer Science at an accredited college or equivalent work experience
  • 3+ years of experience in the Cyber Security/Technology field, particularly in IT system/ application configuration security
  • 3+ years of experience implementing and/or assessing network, application and/or operating system security controls.
  • Highly skilled in network, application and operating system security concepts and controls
  • 1+ years of experience within the security automation domain, including expertise in Security Content Automation Protocol (SCAP)-related schemas, such as Open Vulnerability and Assessment Language (OVAL), Extensible Configuration Checklist Description Format (XCCDF), Common Configuration Enumeration (CCE) and Common Platform Enumeration (CPE)
  • 3+ years of experience managing software product development
  • Strong project management skills and demonstrated experience
  • Communicate effectively in both written and verbal form in English
  • Strong attention to detail
  • Excellent interpersonal skills and professional demeanor
  • Must be authorized to work in the United States

Preferred Qualifications

  • 5+ years of experience in the Cyber Security/Technology field, particularly in IT system/ application configuration security
  • 5+ years of experience implementing and/or assessing network, application and/or operating system security controls
  • 3+ years of experience within the security automation domain, including expertise in Security Content Automation Protocol (SCAP)-related schemas, such as Open Vulnerability and Assessment Language (OVAL), Extensible Configuration Checklist Description Format (XCCDF), Common Configuration Enumeration (CCE) and Common Platform Enumeration (CPE)
  • 3+ years of experience managing software product development

Personal and Professional Qualities

The successful candidate will possess the personality traits, work habits, communication, and social skills necessary to work effectively within a dynamic and highly operational not-for-profit environment. This person will have exemplary personal and professional integrity and demonstrate strong interpersonal skills. In addition, the qualified candidate will have a strong desire to succeed in a nationally and internationally recognized operational environment.

Compensation

CIS offers a competitive compensation and benefits package, including a 401(k) plan, tuition reimbursement, on-site wellness program, community involvement opportunities, along with an environment that promotes growth and professional development.