CISA Auditor focusing on cloud security audits for a Zurich - based international bank. Ensuring cybersecurity and identifying vulnerabilities in IT systems with risk - oriented audits.
About the role
- Product Security Manager at Drivemode leading product security program and embedding secure practices. Collaborating cross-functionally to ensure secure product lifecycle.
Responsibilities
- Define and maintain product security policies, secure development lifecycle, and product security controls.
- Identify, assess, and prioritize product security risks.
- Lead TARA/threat modeling, vulnerability management, SBOM/OSS controls, and secure development practices.
- Support PSIRT activities by ensuring appropriate triage, remediation, and engineering response from Drivemode teams.
- Define and implement controls to meet and demonstrate compliance with ISO/SAE 21434, UN R155/R156, and internal governance and security requirements.
- Deliver regular security posture reports, KPIs, and maintain training for engineering security champions.
- Define and execute product security strategy and roadmap; set policy, risk appetite, and release acceptance criteria.
- Embed secure-by-design practices across engineering: lead TARA/threat modeling, security design reviews, and security gates (CI/CD first).
- Own SBOM/OSS controls and supplier security requirements; ensure evidence for audits and acceptance.
- Run the product vulnerability program and coordinate remediation and evidence handover to other departments; support internal triage and verification.
- Define patch/update policy and oversee secure update delivery for releases and OTA where applicable.
- Report product security posture and KPIs to leadership; run the security champions and training strategy to up-skill engineering teams.
Requirements
- 7+ years in security roles with more than three years in management/lead capacity.
- Proven experience leading product security programs, TARA/threat modeling ownership, SBOM/OSS management, and vulnerability triage coordination.
- Experience with security and compliance audits.
- Strong stakeholder skills and demonstrated ability to embed security practices into agile product teams.
- Ability to collaborate effectively in English.
Benefits
- Competitive compensation
- Excellent benefits
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Cybersecurity Specialist managing compliance for DoD security transition to Zero Trust Architecture. Involves overseeing RMF activities and ensuring ATO deadlines are met in cloud environments.
Engineer II responsible for managing enterprise customer support in Security Engineering. Focused on troubleshooting and diagnosing security incidents in a hybrid work environment.
Guest Safety Agent at HRI Hospitality ensuring safety and hospitality for guests and managing outlet spaces. Maintaining a secure environment while engaging with guests and visitors in New Orleans.
Cybersecurity Architect for Saint Louis University developing and assessing security strategies and architecture. Ensuring secure IT services through effective security technologies and practices.
Senior Commercial Manager developing and executing Cyber Security strategies, managing client portfolios and leading complex negotiations in São Paulo.
Security Officer responsible for maintaining safety at WarHorse Casino. Enforcing policies, responding to incidents, and providing customer service to guests.
Manager overseeing global cybersecurity risk management at Warner Bros. Discovery. Driving risk assessments and mitigation activities while collaborating with business stakeholders.
Cyber Security Engineer at MSSP responsible for protecting client assets and information using advanced security measures. Collaborating with teams to analyze threats and recommend mitigations.
Security Engineer developing and delivering security awareness programs and hands - on IAM configurations at CFC. Playing a key role in strengthening the organization's security posture.