Job Description

Canonical is seeking a Security Risk Management Specialist to establish and execute a strategic vision for the security risk program. This role involves identifying, tracking, and reducing security risks across the organization, utilizing industry best practices and emerging threat information. The specialist will collaborate cross-functionally, contribute to product security improvements, and share knowledge within the open-source ecosystem.

Responsibilities

• Define security risk management standards and playbooks
• Analyse and improve security risk practices
• Evaluate and implement security tools and practices
• Grow Canonical's security risk management presence
• Develop security risk learning materials
• Present information and influence change
• Develop key risk indicators
• Apply statistical models to risk frameworks
• Lead quantified risk assessments
• Interpret risk analyses and recommend action
• Develop self-service risk management materials
• Monitor and improve risk management processes
• Launch security assessment campaigns
• Build evaluation methods for security functions

Requirements

• Exceptional academic track record
• Undergraduate degree in Computer Science or STEM
• Drive and a track record of exceeding expectations
• Deep motivation in technology security
• Leadership and management ability
• Excellent business English skills
• Problem-solving and communication skills
• Expertise in threat modelling and risk management frameworks
• Knowledge of operationalizing security risk management
• Experience in Secure Development Lifecycle and Security by Design

Benefits

• No benefits