Product Security Leader – Emerging Markets

Descrizione

Job Summary**:**

As the leader of Product Security in the Emerging Markets, the Product Security Leader is responsible for the implementation and execution of security programs and practices to support a growing, global water technology company.  This position will work across product, software, and firmware development teams to identify component and system level technical risks.  This will include evaluating critical failure points, determining technical security controls to mitigate risks, and working with cross functional teams to implement features according to product road maps.

You will lead efforts to drive product security strategy, security standards implementation, and security consulting activities in partnership with customers, clients, and commercial partners for the Xylem product portfolio in the Emerging Markets. Your passion for security and in-depth knowledge will ensure that you deliver high impact results.

Essential Duties/Principal Responsibilities:

• Work with the product, devops, and systems teams to identify the right security architecture for implementing new solutions, products and modules. Develop, implement and maintain product security strategy for the entire business unit product portfolio covering IoT and smart-device suites
• Know the Xylem Emerging Markets product portfolio in depth and understand the key risks presented to systems from a variety of factors across availability, integrity, and confidentiality
• Conduct complete lifecycle security architecture and technical assessments for a wide range of products, including embedded devices, software solutions, and cloud hosting
• Collaborate with product security experts across the company to provide comprehensive support for security activities across the entire Emerging Markets install base and R&D product roadmaps
• Engage in application and domain-specific risk/threat modeling and attack surface analysis and reduction
• Provide guidance and leadership on best practices regarding security in software and firmware development
• Champion the Xylem security Systems Development Lifecycle, including security testing and risk management of vulnerabilities in software/hardware on all Transport products
• Manage the implementation of common security controls
• Provide training and education to engineering teams on security best practices
• Support commercial teams by building customer trust in the security of Xylem products
• Expert level operational support for security escalations from customers

Key Competencies:

(Job Function specific; simplified list with link to full description by Career Stage in MyHR.)

• Analytical decision making

• Influential communication

• Business focused delivery

• Inspiring accountability

• Continuous improvement mindset

• Leading people & teams (for people manager)

• Cross-boundary collaboration

• Managing change

• Design Excellence

• Planning & prioritizing work

• Developing capability (for people manager)

• Risk management

Key Relationships:

• External: Cybersecurity suppliers, industry peers, customers
• Internal: Product Managers, Engineering; Safety; Quality; Research & Development; DevOps, Developers

Qualifications: Education, Experience, Skills, Abilities, License/Certification:

Required Qualifications:

Minimal education & experience, essential skills & abilities and required license/certification to perform this job.

• 5+ years of experience in industrial products
• Demonstrated expertise in product architecture and risk management
• Experience with risk management methodologies
• Demonstrated experience interacting with customers to support commercial activities
• In-depth experience identifying and protecting against risks to industrial products from a security, safety, or quality perspective
• Demonstrated experience with implementing a sustainable product-related program with accompanying results
• Meaningful understanding of how security fits into product development cycles
• Knowledge of secure infrastructure architectures, application architectures, encryption, Cloud Security and broader security technologies.
• Knowledge of IoT network technologies (such as Bluetooth/BLE, WLAN, Z-Wave, Zigbee, identity/auth security)

Preferred Qualifications:

Additional preferences for a specific position.

• Demonstrated experience in managing risk within industrial products
• Relevant cyber security certifications
• Graduate degree in a technical discipline
• Experience in software development
• Experience with cloud IaaS security operations
• Experience with wireless technologies such as CDMA, E-HRPD, GSM, UMTS, TDS-CDMA, LTE-FDD / LTE-TDD, and 5G
• Experience with Android RIL, Telephony, C and Embedded RTOS.

Standard weekly job hours:  Monday through Friday, normal business hours (40)

Travel requirement:  Approximately 15% (domestic and international)

Disclaimer: The above information on this description has been designed to indicate the general nature and level of work performed by employees assigned to this position.  It shall not be viewed as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.  Xylem reserves the right to modify this job description or require that other tasks be performed as required by the business or job circumstances. (for example, but not limited to, personnel changes, technical developments, business needs, etc).