Job Description

Your responsibilities:

All cybersecurity aspects for your assigned MSI technologies (specifically within the Software Enterprise Portfolio)

Cybersecurity throughout the complete Product Life Cycle (S-SDLC) on large and complex projects

Regulatory compliance including alignment to corporate cyber security policies and standards

Customer or Market specific Cybersecurity requirements compliance

Holistic risk-based Cybersecurity management

Support execution of Cybersecurity strategies, priorities, and roadmaps enabling MSI and the MSI Customers to fulfill their mission and goals

Support definition and driving Cybersecurity differentiators and value-adds for the portfolio

Maintain awareness of Cybersecurity industry and technology trends and drive these into the organization

Support Cybersecurity technology alignment by collaborating with others within the Cybersecurity Team

Drive and/or conduct Security Assessments

Support development of Risk Assessment and Mitigation Strategies

Support reporting on programs and products Cybersecurity status and risk posture to risk owners and senior leadership

Support Business Information Security Managers in providing pre/post sales customer support

Includes RFP/Tender reviews and responses

Customer Penetration/Scanning results analysis and remediation

Vulnerability reporting and response communications

Support Incident Response and Crisis Management Processes/Activities

Support the development of technology specific marketing materials to Brand/Marketing team

Participate in and/or drive P&S Cybersecurity Team Improvement Initiatives

Support internal and external Cybersecurity awareness initiatives, campaigns, and forums

Specific Knowledge/skills:

Experience with Software Development/Software Engineering, including S-SDLC practices (DevSecOps preferred)

Experience with security of embedded and IOT devices

Familiarity with product design/architecture reviews, threat modelling, static and/or dynamic application security testing (SAST, DAST), network scanners and Open Source / third party SW management

Knowledge and experience of security policies, standards, and processes - for example NIST SP 800-53, SOC2, ISO 27001, FedRAMP, and regulatory standards such as GDPR

Must have technical knowledge and/or experience in cloud security, SaaS, PaaS and IaaS platforms, networking, systems administration, architecture and other technical domains.

Helpful to have knowledge of cloud platforms by market leading cloud services providers such as Microsoft Azure, Amazon AWS, and Google Cloud Platform

Experience with Risk Management, Vulnerability Management and Security Assurance a plus 

Highest level of integrity in dealing with confidential and sensitive information

One or more of the following security, SW and cloud certifications preferred: CISSP, CISM, CCSP, CCSK, CCSLP, AWS and/or Microsoft Azure certifications, SANS training.

Self-starter who demonstrates complete ownership over assigned objectives and is able to work independently.

Flexible and able to adapt to changing priorities

Proactive approach and enthusiasm for problem identification and solving

Strong communication skills

Excellent interpersonal skills

Domestic and International travel <10%

Must possess some basic level of industry recognized cybersecurity certification or equivalent experience: Example: Comptia Security+ 

Basic Requirements

Bachelor’s Degree (or equivalent) or Master's Degree in Information Technology, Computer Science, Computer Engineering, or Information Security or related Degree.

Minimum 4 years of experience in IT, including in the field of information security, security operations, and/or product development with cyber focus