The purpose of this role is to work as part of a team providing a security third party assurance for vendors across the global business and/or to assess and monitor control effectiveness across our in-scope brands, markets and functions.

Responsibilities

• Conduct product security assessments for current and new products, evaluating them against our security requirements. 
• Collaborate with the product teams in order to prioritise and implement remediation plans for weaknesses and vulnerabilities.
• Assist with the risk management process within the Media practice area.
• Collaborate with the Cyber Operations team to ensure that vulnerabilities are raised to the appropriate product teams and work with them on the remediation.
• Ensure our third-party security assessments have been completed for Media.
• Partner and collaborate with the wider Security team (Cyber Ops, Security Architecture, Risk etc.)
• Build relationships with business and development teams.

 

Candidate Profile

Required:

• A good understanding of modern technologies, architectures, and development practices.
• Demonstrate expertise in risk assessing technical products and solutions.
• Broad knowledge of security domains and principles (secure design and coding, IAM, network security, security operations, governance/assurance and risk)
• Good understanding of SDLC and embedding security early into the lifecycle.
• Stakeholder management and interpersonal skills at both a technical and non-technical level.
• Proactive problem solver.  The ability to analyse problems from multiple perspectives to drive successful outcomes for all stakeholders.

 

Advantageous:

• Applicable security certifications or experience
• Experience working within product security and security assessment methodologies/frameworks (ISO, NIST, SOC2, PCI)