Product Security, Vulnerability Response

What We Do:

Managing cyber risk, together.

Forescout delivers automated cybersecurity across the digital terrain. We empower our customers to achieve continuous alignment of their security frameworks with their digital realities, across all asset types – IT, IoT, OT, and IoMT. It is a non-stop journey, managing cyber risk through automation and data-powered insights.

What We Do:
Today the modern enterprise is an Enterprise of Things. We are on a mission to secure the Enterprise of Things with active defense by identifying, segmenting, and enforcing compliance of every connected thing. In real time. And at scale. Our unified security platform enables enterprises and government agencies to focus on Zero Trust segmentation, IT/OT convergence and OT/ICS innovation, all supporting our mission and vision.

Join us as we secure the world with our products. We are looking for resourceful and gritty individuals to collaborate as one team while ensuring a world-class customer experience. We are cyber-obsessed about addressing the world’s most challenging security problems. Innovation starts here, everyone’s ideas are valued, visionaries welcomed!

Overview:

Join the ForeScout Products Group and take part in defining and driving the future of a world-wide market-leading product suite. The Product Security team oversees security aspects in product specification, design and development, to ensure that security considerations and functionality are embedded in all stages of product creation, from conceptualization through design all the way into coding, testing and QA.

• Lead and develop our Vulnerability Response practice across GCP, AWS and Linux appliances.
• You will work cross-functionally and partner with members of Product Management, Engineering, Dev/Ops, IT Sec, Legal, Compliance, Certification, Systems Engineering, Support and Customers.
• Experience with Scans, Pen Tests (Internal & External) and related tools
• Responsible for Products Vuln Response, working with customers and researchers on their vuln findings.
• Partners with IT-Security in related corporate Incident Response
• Incident response related to the most critical vulnerabilities
• Consults for our certifications team on NIST standards, FedRAMP, Common Criteria, APL, CMVP, LINCE, etc
• Extensive experience in Operating Systems (Linux, Windows, Mac), Cloud (AWS, GCP), endpoint software, authentication, permissions, networking,
• Properly identify, remediate, communicate and create recommendations on how scale vulnerability response to increase Dev Velocity, and enable predictable product GA delivery dates
• Identify opportunities to streamline/optimize current practices to shorten delivery schedules, improve quality, and/or increase efficiency
• Champion security culture in Products organization
• Other duties and program initiatives as assigned

Responsibilities:

• Be a Security subject matter expert (SME) who will work on and in the Products Security practice
• PoC for Vuln, Exploit and Malware analysis as needed
• Leverage technical and program management skills to plan, track, collaborate and report on Security program deliverables, including scheduling and leading meetings, assigning and tracking action items, and developing status reports.
• Assess the impact of new product features, architectural changes and processes
• Be responsible for the end-to-end execution of vuln program as well as the associated deliverables
• Develop and maintain technical security documentation in accordance with customer contracts, FedRAMP, Certifications and our RFP program
• Validate engineering plans, threat modeling and certification criteria to ensure requirements are met

What You Will Bring to Forescout:

• Security proficiency: hands on keys / eyes on glass
• CISSP preferred
• You should have experience working cross-functionally and successfully collaborating with technical and business teams.
• You should have knowledge of security tools (ex Snyk, Nessus, Nmap, PCAP, etc) and experience in SDLC, CI/CD, Architecture reviews, HW, Compliance and Certifications (ex. Common Criteria, DoDIN, APL, SOC-2, FedRAMP, etc)
• You should excel in critical thinking, decision-making, organizing data, aligning technical teams and conflict management
• Experience working in and on security with products and IT teams

What Forescout Offers You:

• Competitive compensation and benefits - we cover 80% of employee and dependents' benefits premiums (US only), 401K match, generous PTO policy, and much more
• Collaborative and innovative environment - make an impact on worldwide security while working on the hottest technology
• Leadership that supports and encourages professional growth and development
• Want a glimpse of Life @ Forescout? Check us out on Facebook and Instagram
• Learn more at: forescout.com

#LI-PR1

#LI-DNI