Job Description:

 

Job Role: Product Security Officer

Job Location: Andover, MA

Contract / C2C

 

 

Summary:

 

• As Product Security Officer, you are the expert (and the responsible party) in your designated business, markets and functions for activities related to product and service security, both internally and for the products, services and solutions we deliver to our customers.

 

The Product Security Officer works across various environments, markets and business teams to maintain and expand a world-class capability and culture around product security and ensures that formal regulations and certifications are kept up to date and adhered to.

 


 

Responsibilities:

 

• Conduct Product Security Risk Assessments for Business products and solutions;

• Support the development of risk mitigation and control plans for the product in the Business;

• Ensure that all Static Code Analysis, Penetration testing, and Vulnerability assessments are completed in the Product verification phase;

• Communicate risks and recommendations to mitigate risks to the senior management;

• Identify Security Risks throughout the Product Development Life Cycle;

• Work with cross-functional teams to provide Security Requirements Guidance and Secure by Design Guidance based on a risk-based approach;

• Ensure customer security requirements are being addressed within our products;

• Support business initiatives by providing solutions based on security best practices, regulatory and customer requirements;

• Support the development of Customer security documentation/product labeling;

• Reporting on Product Security Business specific Key Performance Indicators (KPIs);

• Understand key market Regulatory Requirements;

• Supporting Group Security to drive security standards throughout the business;

• Champion the importance of product security during the life cycle of products;

• Support/localize information security training and awareness activity for product managers, program managers, Quality and Regulatory, and architect teams;

• Ensure compliance and act in accordance with GBP - General Business Principles policies, Product Security & Information Security;

• Support businesses in maintaining external business certifications and compliance with other (international) guidelines for information security

• Assist with business internal audits and overseeing and guiding external audits related to its products and services in the markets


 

Education/Skills and Experience Requirements:

 

• A Bachelor's degree or equivalent combination of education and work experience

• Minimum of 8 years in product/information security or risk management and/or related functions (such as IT audit, IT Risk Management and IT Compliance)

• Excellent knowledge of ISO27001/2 and NIST Cybersecurity frameworks

• Information security management or audit qualifications such as CISM, CISSP, CISA, or CRISC;

• Experience in the creation and enforcement of information security (including the sensitivity to establish a risk based view on compliance), including compliance reporting

• Familiar with Information Security Management Systems (ISO/IEC 27001). Experience in Health information security management (ISO 27799, ISO/IEC 80001, RMF for DoD, EU MDR, UL 2900)

• Familiar with Laws and regulations on privacy, data protection, and breach notification (95/46/EC, HIPAA, FDA Pre and Post Cybersecurity Requirements, ISO/TS 14265, 21CFR820, SB1386, etc.)

• Domain specific standards and approaches on privacy and product security (DICOM, IHE)

• Experience working in a large global organization

• Practical experience in highly regulated environment (FDA, SOx, Export, Privacy/GDPR, HIPAA)

• Excellent understanding of how different business units integrate into the strategic vision, business trends and the direction Security must take to support the business

• Strong interpersonal skills – communication, presentation, ability to influence and lead

• Motivated, positive attitude, and results-oriented

• Fluent in English, additional languages - an advantage

• Willingness to travel as needed

             
