Head of Product Security

Summary

Salary
£Competitive
Team
Compliance and approvals, Product Design, Software Engineering and Connectivity
Location
Malmesbury - United Kingdom

Description

The major focus of this role is developing our capability within the Product Security function, ensuring that cyber security is thoughtfully implemented at every stage of our product journey; from early research through to the physical products in the hands of our consumers, and for all of the supporting pieces in between such as our cloud infrastructure and mobile apps. Your security solutions will be world class and will protect our most important assets: our customers, and our intellectual property.

The Product and Manufacturing Security teams design the technology solutions that keep our manufacturing operations and connected consumer devices secure, refining our processes, stressing our systems, and making sure we’re well honed. It’s a tireless job, but the bad guys don’t rest.

Accountabilities

Your aim will be friction less security, enabling the business to achieve their output and uptime goals through intelligent security solutions and a strong cyber security culture, whilst delighting the people who use our products. Alongside the above, you'll also be responsible for the following:
  • Provide technology leadership and be accountable for the development, implementation, communication, maintenance and governance of the Cyber Security Strategy, technical architecture and roadmaps across our product domain, to include product, mobile app and cloud.
  • Lead a team of IoT Security experts, setting direction, keeping their skills current, and ensuring they are empowered to deliver leading class security solutions.
  • Become the trusted source of expertise and pro-actively provide security leadership and guidance with regards to IoT security.
  • Work closely with leadership within our Research, Design & Development function to ensure our embedded software and connected home eco-system is protected against the latest threats and that we meet (and often define) best practice and emerging standards in these domains.
  • Collaborate with our global Cyber Security teams and our 3rd Parties to ensure our business operates within security risk appetite, including regular monitoring, reporting and escalation of security events and potential risks.

Skills

  • We seek applications from individuals with an exceptional track-record of building and leading global Cyber Security teams, encompassing a range of responsibilities including IoT/connected product security, consultancy, architecture and compliance.
  • With a commercial mindset and demonstrable experience of developing strong partnerships across senior management teams within complex businesses, you'll possess the strength of character and conviction to make the tough decisions when required.
  • Expert knowledge and experience specific to product security (IoT, Mobile Application, Infrastructure, Network, Cloud, Database, Automotive).
  • Strong understanding of IT Security Controls (Identity Management, IPS/IDS, Malware, User Behaviour Analytics, Data Loss Prevention, DDoS, Cloud Security techniques, etc.).
  • Ability to evaluate & articulate risks, develop consensus, raise awareness and provide thoughtfully considered security solutions.
  • Practical knowledge of industry standard frameworks (ISO 2700x, NIST, ITIL, etc.), domain-specific frameworks (NIST 800-82, SAE J3061, ISO/SAE 21434, etc.), best practices (OWASP, CSA, etc.), and regulations (GDPR, China Cybersecurity Law, etc.).

Benefits

  • 27 days holiday plus eight statutory bank holidays
  • Pension scheme
  • Performance related bonus
  • Life assurance
  • Free on-site parking
  • Lift share scheme
  • Subsidised café and restaurants
  • Discount on Dyson machines

Posted: 24 January 2019