Oceaneering
Company Profile
Oceaneering is a global provider of engineered services and products, primarily to the offshore energy industry. We develop products and services for use throughout the lifecycle of an offshore oilfield, from drilling to decommissioning. We operate the world's premier fleet of work class ROVs and are a leader in offshore oilfield maintenance services, umbilicals, subsea hardware, and tooling.
Position Summary
The Security SDLC Manager leads the integration of security practices into the software development lifecycle (SDLC) across the organization. Reporting directly to the CISO, the manager ensures security is embedded from design through deployment, enabling secure‑by‑design principles and reducing application risk.
Duties and Responsibilities
Strategic Planning and Alignment
Collaborate with the CISO and IT leadership to align technology initiatives with business objectives.
Identify emerging technologies and assess their impact.
Make decisions and recommendations linked to strategy and financial goals.
Define strategic imperatives linking value, enterprise needs, and technology solutions.
Measure team performance against peer benchmarks and set a vision to exceed them.
Oversee selection, deployment, and management of application security tools.
Drive automation of security testing and reporting within development workflows.
Governance & Policy
Design process flows to eliminate nonvalue tasks.
Create, establish, and maintain policies for SDLC and secure coding practices.
Design, implement, and manage a comprehensive Secure SDLC framework.
Define security requirements and controls for each SDLC phase.
Establish and maintain secure coding standards and guidelines.
Maintain the IT SharePoint site with accurate, updated policies.
Ensure alignment with internal policies, industry standards (OWASP, NIST), and regulatory requirements (SOX, HIPAA, GDPR).
Team Leadership & Development
Build, lead, and mentor a high‑performing security team.
Foster a culture of security awareness and continuous improvement across development teams.
Provide training and guidance on secure coding practices and tools to the business and IT groups.
IT Reporting
Develop procedures and track compliance of key IT reporting and operational activities such as audit responses and mandatory training compliance.
Work with IT leadership to develop reports tracking important dates and initiatives.
Develop, track, and report on key performance metrics related to application security posture and SDLC maturity.
Essential
Strong leadership capability across responsibilities.
Broad knowledge of current and emerging technologies and strategic application.
Excellent oral and written communication skills, including the ability to explain technology solutions in business terms.
Ability to partner with business and IT representatives to improve processes and technology value.
Ability to stay organized and track many concurrent initiatives.
Deep understanding of SDLC, DevOps, secure coding practices, cloud tools, and multiple coding languages.
Qualifications
Bachelor’s degree in Computer Science, Cybersecurity, Software Development, or a related field.
10+ years in information security, SDLC security or similar roles.
5+ years in a leadership role.
Hands‑on experience with security tools such as Veracode, Fortify, Checkmarx, SonarQube, GitHub Advanced Security, JFrog.
Familiarity with cloud‑native development and container security (AWS, Azure, GCP).
Relevant certifications (CSSLP, CISSP, OSWE, GWAPT) are a plus.
Additional Information
This position is hybrid – remote and requires commuting to a designated office. Hybrid work schedules are determined by the hiring manager based on business need.
Pay, Benefits and Work Schedule
We offer a comprehensive and competitive benefits package. Employee benefits vary by role but may include Health and Wellness, Mental Health, Retirement Savings, Life and Disability, Paid Maternity and Parental Leave, Paid Time Off, Tuition Reimbursement, and an Employee Assistance Program.
Equal Opportunity Employer
All qualified candidates will receive consideration for all positions without regard to race, color, age, religion, sex (including pregnancy), sexual orientation, gender identity, national origin, veteran status, disability, genetic information, or other non‑merit factors.
How to Apply
Regular full‑time employees who apply will be considered along with external candidates. Employees with less than six months in their current position are not eligible to apply. Please discuss your interest with your current manager/supervisor before submitting your application. It is highly recommended to apply through the PeopleSoft or Oceanet portals.
Seniority Level
Director
Employment Type
Full‑time
Job Function
Information Technology
Industries
Oil and Gas