The Product Manager will work closely with the Greenplum field organization, customers, and prospects to identify and prioritize critical security requirements; work with the Greenplum product organization to develop timely roadmaps for delivery against these requirements; and, act as the security expert (for internal and external constituents alike) for the Greenplum product line.
- Work with EMC’s security office as well as customer/partner organizations to provide ongoing evaluation of security measures, identify any vulnerabilities, and make recommendations to reduce exposure.
- Ensure systems and client programs are designed in accordance with data protection policies and guidelines
- Work with Sales, Marketing, QA and Development to coordinate timely and proper product enhancements
- Provide internal new product features training at events and demos
- Assist in monitoring cyber security market trends and technology developments closely and help translate these into the overall product strategy
- Work closely with Product/Corporate Marketing and Marketing Communication by providing input into establishment of effective marketing and sales tools, including demos
- Manage 3rd party relationships, which are part of the Data Platform
- Act as Greenplum’s representative for all security and/or Business Continuity audits, reviews, certifications or inquiries with internal and external clients.
- Act as the Liaison between the Compliance team, Operations team and clients to ensure compliance with client needs.
- Lead product owners through the management, process and mitigation of vulnerabilities including implementing system-hardening guidelines
- Conduct Security Awareness Training.
- Maintain documentation on information protection practices, policies and procedures.
- Review new business opportunities to ensure proper privacy/security/business continuity requirements are appropriate, and adequately captured.
- Familiarity with various federal security standards and requirements including FISMA, FIPS, Common Criteria, DITSCAP, Section 508, DCID 6/3, TRM (DHS), etc
- Broad understanding of security technology.
- In depth understanding of information data protection policies and risk analysis
- Ability to perform vulnerability identification, assessment and mitigation in heterogeneous environments.
- Experience in dealing with a wide range of technical and non-technical personnel and issues.
- Have familiarity with vulnerability assessment and security auditing tools, security administration tools, security scanning tools, web application technologies, technical security implementations, multi-platform access controls, cryptography, digital certificate creation/administration, physical security controls and administration.
- Ability to instruct employees and customers? in security awareness and practices.
- Ability to relate business requirements and risks to technology implementation for security related issues.
- Strong oral and written communication skills
- Working knowledge of MS Windows, and UNIX operating system controls and platforms
- Knowledgeable of network operations, controls and components.
- In depth knowledge of business continuity & disaster recovery concepts, controls and processes.
- Must work well under tight deadlines and schedules.
- Minimum 5 years of compliance experience in what area in database applications. Federal experience a plus.
- Ability to manage several active security/compliance projects simultaneously