ADI Global is currently seeking a Product Security Compliance Lader to ensure that our products are secure and compliant throughout their lifecycle, covering design, production, and maintenance. Key responsibilities includeassessing security controls against frameworks (., NIST, ISO, IEC), managing product vulnerabilities, coordinating penetration tests, ensuring compliance with regulations like the Cyber Resilience Act, and fostering a "secure-by-design" culture within R&D
JOB DUTIES:
1. Liaise with stakeholders such as security, engineering and legal teams, vendors, and end-users regarding product compliance with internal security frameworks, adopted industry standards, and applicable cybersecurity regulation.
2. Develop, implement, and enforce product security policies, procedures, white papers regarding product security posture.
3. Monitor, interpret, and apply relevant laws and standards to products, such as CRA, RED, GDPR, CCPA, NIST RMF, ISO 27K, and how they impact ADI products.
4. Stay updated on the latest IoT security trends, regulations, standards, and best practices, ensuring ADI policies and procedures remain current and effective.
5. Conduct security audits, risk assessments, and vulnerability assessments to validate compliance.
6. Analyze supply chains to ensure components meet safety and security requirements.
7. Coordinate with engineering teams to handle security incidents and ensuring timely remediation.
8. Interface with Legal and Marketing Communications group to manage communications of security vulnerabilities in Resideo products
YOU MUST HAVE:
9. Bachelor's degree in computer science, electrical engineering, mathematics, or similar discipline.
10. A passion for product security and safety compliance so as to provide excellence to your stakeholders
11. Excellent communication and leadership skills. An excellent level of English (written and spoken)
12. Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project stakeholders
WE VALUE:
13. Certifications in security and privacy demonstrating deep practical knowledge such as CSSLP, CISSP, CISA
14. Master's degree in computer science, electrical engineering, mathematics, or similar discipline
15. Background in the legal field
WHAT'S IN IT FOR YOU:
16. Competitive salary and benefits
17. Hybrid working model
18. Excellent career development opportunities
19. Work from our modern International Head Office in Oldham
#LI-TC1
#LI-HYBRID