Från 0 till distansjobb
på 45 dagar!

Product Security Resilience Manager

  • Externa annonser
  • Remote Stockholm
  • 2024-06-29

Hemsida ASSA ABLOY

Job Description:

Product Security Resilience Manager 

Are you passionate about Cybersecurity? Can you see limitless possibilities within security management in a progressive organization? If modern technology, problem-solving, driving best practices and delivering secure solutions resonate with you, then we have a unique opportunity for you to develop your passion toward forming the next steps in product security architecture in a truly global organization.
Join our newly built Team in Stockholm, Sweden and enjoy a collaborative culture that empowers you to build a career you can be proud of.

 
What would you do as our Product Security Resilience Manager 

This is a new position in our product security team where you’ll have the opportunity to build and shape your role. You will be responsible for leveraging our risk management to mitigate exposures due to cyber threats and disasters, in collaboration with Colleagues within the Global Product Security team in order to enhance the effectiveness of the product security program. You will also manage the Vulnerability Disclosure and Product Security Incident Response program by establishing, enhancing, monitor processes and procedures, regular testing and reporting, including training the organization. Your role will be to identify detective and preventative technology and automation to reduce the impact of security threats in advance. You will report to Director, Product Security and we’re open for you to be based in any location within Europe. 

You would also: 

  • Provide recommendations, guidance, and coordinate Product Security Incident Response activities during incidents or as a participant in a Crisis Management Team. 

  • Lead gap analysis and post incident reviews to identify learnings to improve the Product Security organization in collaboration with key stakeholders. 

  • Perform analysis of reported issues and work with product teams, partner and vendor teams to coordinate and manage vulnerabilities. 

  • Perform analysis of publicly reported vulnerabilities and attacks in order to develop proactive capabilities to systematically address the identified vulnerabilities, impacts through recommendations and training to developers and leadership.

  • Build impactful security awareness training programs to enhance corporate knowledge and understanding of existing and potential risks, threats & trends. 

  •  
    The skills and experience you need
    We are looking for someone who:

  • Has several years of experience in working with Vulnerability Disclosure or Bug Bounty program. 

  • Has demonstrated ability as a lead during incidents and investigations according to recognized standards, frameworks, and processes such as ISO/IEC 29147, ISO/IEC 30111, FIRST.org 

  • Has an understanding of and experience with common software security vulnerabilities and methods of exploitation, such as memory corruption, privilege escalation, web application exploitation, file format vulnerabilities, protocol-based weaknesses, etc. 

  • Has previous experience working in an agile engineering design and development organization as part of a security team or as a developer. 

  • Is available to support and accommodate work schedules in GMT and/or Eastern time zone. 

  • Experience in working with one or several security frameworks and standards such as MITRE ATT&CK/D3FEND, OWASP ASVS/ISVS, Cloud Controls Matrix would be beneficial, as well as any relevant certifications such as ECIH, GCIH, CISM, CSSLP or equivalent. If you have a genuine passion for both cyber security and shaping processes in a global organization, we’d love to hear from you! 

     
    What we offer 

    We’re passionate about providing amazing opportunities and benefits, so you can continue and progress a lifelong career with us – here’s what we have to offer: 

  • Learning and career development opportunities, whether it’s online learning, management training or enhancing your skills . 

  • Hybrid model of working

  • A competitive salary and incentive schemes 

  • Flexible working hours

  • Stable employment in a friendly international atmosphere

  • We review applications regularly, so don’t wait

    We are building diverse, inclusive teams, and encourage applications from everyone who can see themselves working with us. Just set up your profile and apply here, no later

    Product Security Resilience Manager 

    Are you passionate about Cybersecurity? Can you see limitless possibilities within security management in a progressive organization? If modern technology, problem-solving, driving best practices and delivering secure solutions resonate with you, then we have a unique opportunity for you to develop your passion toward forming the next steps in product security architecture in a truly global organization.
    Join our newly built Team in Stockholm, Sweden and enjoy a collaborative culture that empowers you to build a career you can be proud of.

     
    What would you do as our Product Security Resilience Manager 

    This is a new position in our product security team where you’ll have the opportunity to build and shape your role. You will be responsible for leveraging our risk management to mitigate exposures due to cyber threats and disasters, in collaboration with Colleagues within the Global Product Security team in order to enhance the effectiveness of the product security program. You will also manage the Vulnerability Disclosure and Product Security Incident Response program by establishing, enhancing, monitor processes and procedures, regular testing and reporting, including training the organization. Your role will be to identify detective and preventative technology and automation to reduce the impact of security threats in advance. You will report to Director, Product Security and we’re open for you to be based in any location within Europe. 

    You would also: 

  • Provide recommendations, guidance, and coordinate Product Security Incident Response activities during incidents or as a participant in a Crisis Management Team. 

  • Lead gap analysis and post incident reviews to identify learnings to improve the Product Security organization in collaboration with key stakeholders. 

  • Perform analysis of reported issues and work with product teams, partner and vendor teams to coordinate and manage vulnerabilities. 

  • Perform analysis of publicly reported vulnerabilities and attacks in order to develop proactive capabilities to systematically address the identified vulnerabilities, impacts through recommendations and training to developers and leadership.

  • Build impactful security awareness training programs to enhance corporate knowledge and understanding of existing and potential risks, threats & trends. 

  •  
    The skills and experience you need
    We are looking for someone who:

  • Has several years of experience in working with Vulnerability Disclosure or Bug Bounty program. 

  • Has demonstrated ability as a lead during incidents and investigations according to recognized standards, frameworks, and processes such as ISO/IEC 29147, ISO/IEC 30111, FIRST.org 

  • Has an understanding of and experience with common software security vulnerabilities and methods of exploitation, such as memory corruption, privilege escalation, web application exploitation, file format vulnerabilities, protocol-based weaknesses, etc. 

  • Has previous experience working in an agile engineering design and development organization as part of a security team or as a developer. 

  • Is available to support and accommodate work schedules in GMT and/or Eastern time zone. 

  • Experience in working with one or several security frameworks and standards such as MITRE ATT&CK/D3FEND, OWASP ASVS/ISVS, Cloud Controls Matrix would be beneficial, as well as any relevant certifications such as ECIH, GCIH, CISM, CSSLP or equivalent. If you have a genuine passion for both cyber security and shaping processes in a global organization, we’d love to hear from you! 

     
    What we offer 

    We’re passionate about providing amazing opportunities and benefits, so you can continue and progress a lifelong career with us – here’s what we have to offer: 

  • Learning and career development opportunities, whether it’s online learning, management training or enhancing your skills . 

  • Hybrid model of working

  • A competitive salary and incentive schemes 

  • Flexible working hours

  • Stable employment in a friendly international atmosphere

  • We review applications regularly, so don’t wait

    We are building diverse, inclusive teams, and encourage applications from everyone who can see themselves working with us. Just set up your profile and apply here, no later

    • Externa annonser
    • Remote Stockholm
    • 2024-06-29

    Hemsida ASSA ABLOY

    För att söka det här jobbet vänligen besök eurojobs.com.


    Du kan ansöka till det här jobbet och andra som använder din online-CV . Klicka på länken nedan för att skicka in din online CV och e-post din ansökan till denna arbetsgivare.