Sr. Product Security Engineer

Company Description
Zayo provides mission-critical bandwidth to the world's most impactful companies, fueling the innovations that are transforming our society. Zayo's 133,000-mile network in North America and Europe includes extensive metro connectivity to thousands of buildings and data centers. Zayo's communications infrastructure solutions include dark fiber, private data networks, wavelengths, Ethernet, and dedicated Internet access. Zayo serves wireless and wireline carriers, media, tech, content, finance, healthcare and other large enterprises.
As a Senior Product and Application Security Engineer at Zayo Group, you will lead the strategic planning and execution of our Product and Application Security program. You will be responsible for ensuring the security, integrity, and resilience of our digital products, applications, and services. This role will also involve deploying a bug bounty capability to proactively identify and address vulnerabilities in our software ecosystem.
Responsibilities:

• Product and Application Security Strategy: Develop and implement a comprehensive security strategy for our products and applications, aligning with industry best practices and business objectives.
• Bug Bounty Deployment: Establish and manage a bug bounty program, fostering collaboration with security researchers to identify and remediate vulnerabilities.
• Security Assessment: Conduct security assessments and code reviews of applications to identify and mitigate security risks.
• Secure Development Practices: Promote secure coding practices and provide guidance to development teams on security-related issues.
• Incident Response: Lead incident response efforts related to product and application security incidents, ensuring swift resolution and lessons learned.
• Security Awareness: Enhance security awareness and training programs for development teams and stakeholders.
• Compliance: Ensure compliance with relevant industry standards and regulations related to product and application security.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or related field.
• Proven experience in planning and executing Product and Application Security programs.
• Strong knowledge of secure coding practices, security assessment tools, and vulnerability management.
• Experience in deploying and managing bug bounty programs is a plus.
• Familiarity with industry standards and regulations, including OWASP, NIST, and GDPR.
• Excellent problem-solving and communication skills.
• Relevant cybersecurity certifications (e.g., CISSP, CSSLP) are advantageous.

Base pay range: $95,800 - $150,590, commensurate with experience
#LI-NP1
Benefits, Rewards & Wellness

• Excellent Health, Dental & Vision Insurance
• Retirement 401(k) Savings Plan
• Fitness membership discounts
• Generous paid time off policy including paid parental leave

Zayo provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, provincial or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.