IOHK is looking for a talented, specialised Security Manager to join our growing in-house Security team. The candidate will be responsible f...
IOHK is looking for a talented, specialised Security Manager to join our growing in-house Security team. The candidate will be responsible for working with internal teams on embedding Security into every project.
The prospective candidate will work closely with their team, and directly with research, engineering and Project Management (BA's, Test and Quality, Cryptography and management teams throughout the current and future set of projects
The individual should have an excellent understanding of Security requirements in the Development lifecycle and have an excellent and detailed understanding of the threats and risks that need to be addressed in the development life cycle, specifically in the blockchain / cryptocurrency area.
- Assessment of security requirements to meet control objectives and risk appetite
- Review of solutions to assess security compliance
- Leading teams to deliver security change in complex distributed applications
- Defining Security requirements
- Integrate usability studies, research and market analysis into product requirements to enhance user and platform security
- Establish direction for the team by prioritizing roadmaps and implement strategies for executing, measuring progress, and communicating results against these goals that will advance the organization's productivity through thoughtful technology.
- Mentor, coach, develop and support team members of the Application Security Engineering group.
- Develop strategy for a global, scalable, and optimal set of security solutions to support Security Systems Lifecycle Management
- Partner with key technical teams and stakeholders to organize and facilitate security workflow and process automation alignment discussions
- Serves as a resource to requestors of IT demand and project leaders to educate and assist them with implementing and complying with security requirements and workflow processes
- Create, update, manage and distribute updated security requirements, workflows, roadmaps and their respective detail through various tracking and reporting means.
- Oversee the regular review of current security processes, design and configuration to ensure those adhere to industry best practices, security standards and foster continuous improvement
- Establishes and maintains process governance for security standards across the various engineering-related organizations
- Proactively plans, coordinates and leads detailed training sessions with other security associates and stakeholders to educate on process changes, new tools/systems etc.
- A strong understanding of information and cyber security principles and best practices
- Strong understanding of the security requirements lifecycle process and software development lifecycle (SDLC)
- Proven experience and understanding of security analytics and code audit
- Proven expertise in developing and implementing processes, process integration and process changes
- Ability to develop and nurture strategic relationships with key stakeholders throughout the organizations.
- Ability to pick up new products and platforms quickly, transferring skills and best practices when needed
- Flexibility, ability to plan and organize, responsiveness, creativity, self-starter
- Able to build solid working relationships with peers and senior leadership
- Ability to demonstrate strong written, verbal communication and presentation skills to all levels of seniority and disciplines within the organization
- Experience with the oversight and building working relationships with Managed Security Services providers, as well as other integrated vendors and third parties included in operations.
- Proven experience in leading, organizing, prioritizing and communicating tasks for security engineers.
- Excellent security engineering aptitude and the ability to provide technical mentorship and guidance
- Strong interpersonal skills with the ability to effectively present information and develop others.
- Haskell / Scala experience
- Minimum 2 Years Conceptual knowledge of the following regulations: PCI, Sarbanes-Oxley, HIPAA, GLBA, FISMA
- PHD in Cyber Security Bachelor's Degree
- Deep understanding of Application Security
- Deep technical understanding of blockchain and Cryptocurrency
- Can reason about complex & abstract problems