Position Overview:
Ribbon Communications is seeking an experienced Senior Cyber Security Project Manager to lead and manage our cyber security initiatives for our broad product portfolio. The successful candidate will be responsible for defining our security strategy and objectives, monitoring industry trends, maintaining a robust security posture, and collaborating with cross-functional teams to implement best practices. You will work with the product teams (R&D, PLM, Support) across our global locations to ensure we deliver secure products, and we follow established security processes.
Key Responsibilities:
· Develop a comprehensive product security strategy that aligns with the company’s goals and objectives. Communicate the strategy to relevant stakeholders and work with the product teams to adopt/align.
· Stay abreast of the latest industry trends, standards, and regulations. Provide expert recommendations to ensure the organization's security processes remain current and effective.
· Work with the team to adopt and comply with standards such as NESAS and SCS9001.
· Collaborate with cross-functional product teams to adopt and implement the security posture and standards
· Implement a security score card to assess the security posture of each product, along with the products’ security compliance and risks. Conduct reviews with stakeholders to discuss the results and necessary adjustments.
· Implement processes and tools to monitor and report on the progress of security initiatives.
· Work with product teams to conduct security risk assessments, conduct threat modeling, review their security plans, and review test results to ensure we meet our customer SLAs
· Support customer facing teams with RFPs, audits, customer requests such as security questionnaires, contract renewals/terms
· Provide support for customer security reviews, deep dives and analysis of customer reported security findings
· Provide technical support to cross-functional teams with security related matters.
· Implement a training program for the R&D team to receive proper education in security awareness, skills, and techniques, using a combination on internally developed training material as well as from 3rd parties.
Qualifications:
· Bachelor's degree in Computer Science, Information Technology, or Cyber Security
· Minimum 5 years of experience in cyber security management or a similar role.
· Hands-on experience with security tools (e.g. Nessus, Qualys, Black Duck, Trivy, DefectDojo or others)
· Experience with conducting threat modeling (e.g. Microsoft STRIDE process or other)
· Strong knowledge of cyber security standards, regulations, and best practices
· Excellent project management skills with a proven track record of leading complex security initiatives.
· Strong communication and collaboration skills, with the ability to work effectively with cross-functional and remote teams.
· Relevant certifications such as CISSP, CISM, are highly desirable.
Please Note:
'All qualified applicants will receive consideration for employment without regard to race, age, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, on the basis of disability, or other characteristic protected by applicable law.'