Group Product Security Manager

Management of the Group Product Security Team and regular engagement with Senior Stakeholders; up to C-suite level

Adoption of frameworks and best practices

Proactive analysis and threat modelling of their products and services (software and hardware threat vectors, threat modelling, attack surface analysis, penetration testing, and vulnerability assessments)

Establish a strong partnership with the development and engineering teams; in order to ensure that Security is fully embedded into software/hardware development cycles

Develop and maintain a Product Security Programme, including tool and system selection, which supports secure Product Development

Develop, and build on, robust processes to scope, analyse and remediate issues raised through vulnerability Scanning and penetration testing

Production of effective Application Security reporting and metrics

Education of teams globally in Application Security threats and secured design and development

Support cross-working initiatives which support the delivery of the wider Group InfoSec Programme

What you bringTo be successful in this role, you will need to be a strong manager with a passion for problem-solving alongside a demonstrable technical track record in the consumer product and services sector.Along with this, you will need to have significant personal drive and an analytical mindset; with the ability to proactively anticipate risks and creatively resolve bottlenecks.You can expect to travel up to 30% of the time within Europe in order to connect with our European development and engineering teams. This supports our ethos of strong stakeholder collaboration and ensures that Security continues to be embedded into our product development, ultimately protecting our customer's homes and families.Required Experience

• A minimum of 8 years of experience in the Products and Services Sector - working with analysis and design of secure solutions
• Significant line management experience of technical specialists
• Demonstrable expertise with tools including: Black Duck, Burp, ZAP, BeEF, and Metasploit
• Demonstrable expertise in development methodologies and languages
• Written and Spoken Fluency in English

Desired Experience

• Relevant security certification (e.g. GSEC, CISSP, MSc in Information Security)
• Experience with IoT; particularly smart home technologies, and the business models behind them

Interested?Does this job sound interesting to you? Please contact Florine Rebel for more information or apply via the link!