The Manager, Cybersecurity Engineering position is a hands-on role that involves evaluating and enforcing security and compliance controls. This position plays an integral role in protecting the Cornerstone OnDemand (CSOD) from internal and external threats and works closely with our technology teams to define the security best practices, perform architecture and design reviews, threat modeling, conduct security assessments, and support the identification, interpretation, and remediation of threat and vulnerabilities across CSOD tech stack.

We are looking for someone with a strong background in information security and a proven ability to deliver under pressure

In this role you will…

• Design, develop, coordinate, and document the secure operation of information systems and develop best practices for securing enterprise-wide data and information systems

• Define, scope and drive cloud security initiatives to ensure we can continue to secure all-important and sensitive data across our fast-growing organization

• Participate in architecture and design reviews with development/DevOps staff to incorporate effective security standards into design

• Proactively monitor security levels of cloud environments (AWS, GCP), IT systems and establish baseline security models including patching, vulnerabilities, CIS, and endpoint controls

• Working with Enterprise Architects and other functional area architects and security engineers to ensure adequate security solutions are in place throughout all CSOD systems and platforms to mitigate identified risks sufficiently and support business objectives

• Evaluate and respond to global information technology security threats in relation to systems and recommend security changes in response to emergent threats

• Implement and maintain technology solutions to support compliance frameworks requirements including SSAE18, FedRAMP, ISO 27001 and PCI-DSS

• Must be able to perform hands-on support for a wide range of security technologies including, but not limited to: Pipeline security, DevSecOps, SIEM, IPS, Vulnerability Scanners

• Manage team of security engineers

You’ve got what it takes if you have…

• Bachelor’s degree in an Information Technology related field of study or equivalent post-high school education and/or work-related experience

• 8+ years of experience in system, network, and/or cloud security.

• Knowledge and clear understanding of cloud-based infrastructures/software and how they affect security needs.

• Working knowledge of AWS architecture, services, and security is a plus

• Experience implementing security practices in CI/CD environment,

• Self-motivation and the ability to work under minimal supervision are a must

• Excellent at multitasking, and open to constant learning

• Energetic and positive attitude

• Excellent problem solving and analytical skills; outstanding oral and written communication skills

An extra dose of awesome if you have…

• Knowledge of microservices architectures

• Experience working on security responsibilities for a SaaS or PaaS solutions, preferably in AWS

• Basic knowledge of SQL and prior experience with programming in one or more server-side technologies such as ASP.NET Core or scripting (Python, Shell)

• Thorough understanding of SDLC and software security maturity models such as Building Security In Maturity Model (BSIMM) or OWASP Software Assurance Maturity Model (SAMM) is a plus

• Experience conducting secure code development training

• Knowledge of cryptographic tools and/or security APIs

Equal Employment Opportunity has been, and will continue to be, a fundamental commitment at Cornerstone OnDemand. All qualified applicants are given consideration regardless of race, color, gender, age, sexual orientation, national origin, marital status, citizenship status, disability, veteran status, or any other protected class as provided in applicable Federal, State, or Local fair employment laws. If you have a disability or special need that requires accommodation, please contact us at careers@csod.com