This role has been designated as ‘Edge’, which means you will primarily work outside of an HPE office.

Job Description:

Principal Security Technologist – Aruba Software Engineering

HPE-Aruba Networking, the global leader in wired, wireless and security networking solutions, is seeking a Principal Security Technologist for Aruba’s Software offerings.

As the Senior Director of Aruba SW Security Operations for Aruba , you will work closely with SW teams contributing to cloud application, Switch & Wireless embedded software R & D across to execute the organization’s cybersecurity strategy, with the goal of making the most secure Aruba cloud and on-prem SW offerings for our customers. This will be a critical, deeply technical, hands on Senior Director role. The critical nature, importance of this role is signified by the fact that it will report directly to the SVP of Aruba SW Engineering with oversight across the $4B Aruba portfolio and ~2000 person engineering org. This role requires extremely strong communication skills including the ability to author crisp documents and presentations for consumption by various audiences including HPE execs, sales and end customers.

The position will involve interfacing with senior leaders across the Software engineering org across multiple sites and also pan HPE organizations involved in driving the cybersecurity agenda, including HPE CTO/CISO, Aruba CSO, DevOps and SRE Sec Ops. You will represent Aruba engineering in various company level security initiative discussions in cross functional forums involving multiple orgs. You will work with executives and senior management to align, prioritize cyber security projects to ensure secure software development processes, secure engineering infrastructure across cloud, on-prem environments. You will be responsible for the development and evolution of cloud security practices partnering with security professionals within and outside the Software engineering org. You will define, implement governance processes, best practices to drive a “cyber security” centric culture, orientation across the org. You will help support security incident response working with executive and technical management stakeholders within the org as well as pan HPE stakeholders. You will bring strong thought leadership in the security domain (certifications, CVEs, compensating controls etc) and work closely with executive management and cloud product and application development teams to develop a strong security stance throughout the product development, deployment lifecycle and shepherd product security certifications working with Aruba CSO organization.

Job Requirements

• Bachelors or Master’s degree in Computer Science or related fields and 10+ years of experience in the Sec Ops, vulnerability management, CVE, incident response etc with at least 5+ years in a leadership role.
• Security certifications including CISSP, CISA, CISM or equivalent
• Deep understanding of cloud application (IaaS, PaaS), embedded software architectures, security technologies, protocols
• Strong understanding of cloud security and privacy frameworks including NIST, PCI, SOC, ISO 2700, FedRAMP and GDPR, among others
• Expertise with CASB, CIEM, CSPM, SIEM and securing CI/CD pipelines in a cloud environments
• Excellent interpersonal and communication skills

Job description

• Develop and implement security processes, controls, governance models for Aruba SW development and deployment life cycle to drive the overall cybersecurity stance across Aruba’s cloud management platform and embedded software for networking devices
• Interface with senior management in various HPE organizations involved in driving the cybersecurity agenda, including CTO/CISO, DevOps and SRE-Ops, and represent Aruba Central Engineering in all cloud security related initiatives and forums
• Work with internal and external stakeholders to understand and communicate customer specific security needs, practices, processes, policies for strategic customer accounts, working with Product Management
• Work closely with executive management and engineering teams to define best practices for security focused application development and deployment, and support security tooling including SAST, DAST and container scanning
• Prepare executive and customer facing presentations for cyber security related conversations
• Write detailed security policy and security practice guidelines to be followed across Aruba’s software offerings
• Provide strategic advice to executive management to help align business goals with cybersecurity strategy
• Drive vulnerability, risk assessments & penetration testing projects working with stakeholders & devise, coordinate, implement mitigation plans
• Support development teams in meeting security compliance with relevant cloud security frameworks and regulations including FedRAMP, PCI, SOC-2, ISO 27001 by providing in-depth technical expertise to executives and engineering management
• Identify and bring awareness of latest cybersecurity threats and lead security incident response working with executive and engineering management and direct mitigation
• Provide periodic comprehensive updates to executive management on the state of cybersecurity hygiene and compliance

Job:

Job Level:

States with Pay Range Requirement

The expected salary/wage range for a U.S.-based hire filling this position is provided below. Actual offer may vary from this range based upon geographic location, work experience, education/training, and/or skill level. If this is a sales role, then the listed salary range reflects combined base salary and target-level sales compensation pay. If this is a non-sales role, then the listed salary range reflects base salary only. Variable incentives may also be offered. Information about employee benefits offered can be found at https://myhperewards.com/main/new-hire-enrollment.html.

Hewlett Packard Enterprise is EEO F/M/Protected Veteran/ Individual with Disabilities.

HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.