Joe Jarzombek, a former director for Software & Supply Chain Assurance in Cyber Security and Communications (CS&C) within the Department of Homeland Security (DHS), is joining the Synopsys Software Integrity Group. In his new role, Mr. Jarzombek will lead strategic initiatives related to Synopsys’ software supply chain solutions, furthering the company’s mission to build a comprehensive software quality and security platform.
As the cyber threat landscape evolves and as software and software dependencies grow more complex, understanding and managing risk in the software supply chain is more critical than ever. Having led public-private collaboration efforts for government interagency teams with industry, academia, and standards organizations focused on the assurance of information and communications technology products and services, Mr. Jarzombek brings a wealth of expertise in the software supply chain to the Synopsys team.
“Joe’s knowledge of the industry and extensive experience solving security challenges in the public sector make him an excellent addition to the talented team we have in the Software Integrity Group,” said Andreas Kuehlmann, senior vice president and general manager of Synopsys’ Software Integrity Group. “His expertise will have an immediate impact on the evolution of our Software Integrity Platform and on our ability to help customers mitigate software supply chain risk.”
Through its Software Integrity Platform, Synopsys provides advanced solutions for improving the quality and security of software. This comprehensive platform of automated analysis and testing technologies integrates seamlessly into the software development process and enables organizations to detect and remediate defects and security vulnerabilities early in the software development lifecycle, as well as gain security assurance and visibility with their software supply chain.
About Joe Jarzombek
Through co-sponsorship of the SSCA Forum and Working Groups, Jarzombek led community efforts addressing cybersecurity needs in workforce education and training, security automation and processes for mitigating supply chain risks through security-enhanced development and acquisition practices, and research and development efforts focused on maturing diagnostic and measurement capabilities to provide transparency for software and supply chain external dependencies. He also sponsored several project initiatives associated with security enumerations and languages (such as CVE, OVAL, CWE, CAPEC, and MAEC) to enable scalable information sharing among organizations and security researchers.
After retiring from the U.S. Air Force as a Lt. Colonel, Jarzombek served in the cybersecurity industry as vice president for product and process engineering. He later served in two software-related positions within the Office of the Secretary of Defense.
As a Project Management Professional (PMP) and Certified Secure Software Lifecycle Professional (CSSLP), Joe Jarzombek has spoken extensively on security automation, software assurance, supply chain risk management and practices for security-enhanced acquisition and development. He serves on the (ISC)² Application Security Advisory Council and (ISC)² Government Advisory Council. He continues to collaborate with industry and standards organizations focused on evolving practices and programs relevant to cyber assurance, cyber-physical security, and cyber safety.