The Head of Product Security is responsible for leading and managing the product security program to ensure the security and integrity of all software applications. This role involves developing and implementing security strategies, policies, and procedures to protect the organisation's applications from threats and vulnerabilities. The ideal candidate will have a strong background in application security, excellent leadership skills, and the ability to work collaboratively with various teams. The Head of Product Security will work with the Director of Security (CISO) to develop and implement the Security Product strategy.
Key Responsibilities:

Leadership and Strategy:
- Lead and mentor the product security team, fostering a culture of security excellence.
- Develop and implement the product security strategy in alignment with organisational goals.
- Provide strategic oversight and direction for all product security initiatives.

Stakeholder Management:
- Own the relationship with product security vendors and ensure all findings are reviewed and appropriate actions are taken.
- Work closely with development teams, product managers (PM), and third-party groups to ensure that Conferma products are secure.
- Collaborate with development teams to integrate security best practices into the software development lifecycle (SDLC).
- Support and consult with product and development teams in the area of application security, including threat modelling and application security reviews.
- Prepare and present regular reports on the status of the Conferma product security to senior management.

Vulnerability Management:
- Oversee vulnerability management assurance and ensure that teams are remediating vulnerabilities.
- Assist teams in reproducing, triaging, and addressing application security vulnerabilities.
- Lead efforts to remediate any identified vulnerabilities from pen testing engagements.

Reporting and Compliance:
- Report to Governance, Risk, and Compliance (GRC) on all metrics required, as defined by our Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs).
- Ensure compliance with relevant security standards and regulations.

Security Controls:
- Own and manage controls such as continuous penetration testing & SAST tooling for all Conferma applications.
- Continuously evaluate and improve security controls to address emerging threats for the Conferma applications.
- Assist in development of security processes and automated tooling that prevent security misconfiguration and issues.