Position: Associate

Job type: Full-time

Loading ...

Job content

Job Description:

  • Work with key stakeholders in BU to ensure the security of myViewboard hardware and software products and develop the information security policy/procedures
  • Working as the leader to ensure security team on compiling different compliance including ISO 27001, SOC2, NIST SP800-171, CMMC 2.0 Level 2 etc.
  • Conduct professional trainings across different teams based on secure development and DevSecOps basis
  • Conduct assessment to ensure product security strategy is valid and succeed
  • Review and comment on new product development lifecycle and security engineering strategy
  • Direct the team to execute regular penetration test on both hardware and software platform
  • Working with external parties to maintain good standing in compliance including but not limited to SOC2, GDPR, CCPA, FERPA, COPPA, RED or CRA etc.
  • Establish the security standard and co-working across the team to mitigate the attack result
  • Working with management group to ensure the most critical direction in cyber security had been addressed
  • Familiar with cloud-native development methodology and hands-on experience on most common cloud environment including but not limited to AWS, GCP, Azure
  • Familiar in different threat modeling and threat intelligence integration
  • Hands on experience on incident handling and had solid experience to response in cyber security incidents
  • Cross-team communication and project leading experience is a must

Qualification:

  • At least 5 years of security related experiences with 1 to 2 years in leading positions
  • Hands on experience on SAST, SCA, DAST, CNAPP and security operation
  • Experience in product security and focus on value-driven security formulation
  • Hands on experience on both blue teaming and red teaming
  • Candidate who had the following certificate would be advantage for the position:

CISSP

CCSP

CSSLP

CISA

CISM

  • Hands on experiences in different compliance and regulatory standards like SOC2, GDPR, Privacy Shield, NIST 800-53, NIST SP800-171, EN 303 645, PSTI etc. is a plus
  • Experience to develop the watch list on regulations on both hardware and software
  • Hands on experience on legal negotiations with internal and external stakeholders
Loading ...
Loading ...

Deadline: 20-12-2024

Click to apply for free candidate

Apply

Loading ...

SIMILAR JOBS

Loading ...