Ensure Smith + Nephew products and their data are secure and resilient to cybersecurity threats.
Requirements
- Hands-on cybersecurity experience
- Knowledge of standard cybersecurity frameworks such as HIPAA, FDA, ISO 27001/2, NIST CSF, and OWASP
- Understanding of network infrastructure, including firewalls, web proxy and/or email architecture
- Experience with different cloud computing platforms and the cloud security framework
- Ability to design, recommend, plan, guide, and support implementation of innovative security solutions
- Clear understanding of mitigating security controls, vulnerability management, penetration testing, and code security
- Experience with Vulnerability Testing, Penetration Testing, Code Analysis, Endpoint Protections
Responsibilities
- Help develop and mature Global Product Security Strategy and Secure-Software Development Life Cycle (S-SDLC)
- Oversee the definition and support the implementation of cybersecurity requirements and controls in support of multiple Smith + Nephew technologies
- Lead the creation and maintenance of Product Cybersecurity Risk Registers and Threat Models throughout the development lifecycle
- Lead the execution and integration of cybersecurity testing and assessment activities throughout the development lifecycle
- Support the identification of technical solutions and ensure the integration of automated security tools and processes to help mitigate security vulnerabilities
- Support best-practice (ISO 29147/30111) product cybersecurity incident response (IR) activities
- Provide technical leadership and competency in communications with stakeholders outside of Smith + Nephew
Other
- 40% People Management - encourage the development and advancement of personnel on their team
- Bachelor's degree in life science, computer science, information systems and/or equivalent formal training or work experience
- 2+ years of people management experience
- Strong ability to influence and think strategically
- Up to 10% domestic and international travel