Responsibilities:-
- Engage with customer as point of contact from towards defined customers in all security and data privacy topics.
- Engage with customer on their overall security roadmap, cyber security initiatives and priorities
- Assist customer with their compliance to local regulatory requirements applicable to them
- Translate and communicate customer priorities and requirements to BGs
- Negotiate security clauses in supply-contracts and statements of work (SoW) for services projects with customers.
- Accountability of all contractual security matters towards your scope of customers.
- Perform gap and impact analysis for regulatory and contractual requirements for compliance with security and privacy requirements
- Security feedback and escalation on meeting the commitments made.
- Supporting role with regards to customer security solution and requirements from pre-sales to delivery and CARE phase.
- Coordinate (a) reporting of high-profile vulnerabilities to customers, (b) assessment of customer provided security/pen test results with R&D, and (c) negotiation of vulnerability severity, dispositions and mitigation plans with customers
- Support with security incidents
- Become proficient with local regulations, and interface with local regulatory bodies
Requirements :-
- At least 10 years experience in R&D, Delivery or Presales related roles with at least 5 years focused on cyber security
- Bachelor's degree in computer science, telecom, or engineering or equivalent experience
- Familiarity with security standards (e.g. 3GPP, ISO 27001, NIST, CMMC) and security frameworks (e.g. NESAS)
- Proficient in vulnerability management, vulnerability scanning tools (e.g. Anchore, Qualys and Tenable), and CVSS framework
- Working knowledge of customer remote access and customer data security and privacy solutions
- Experience in translating security needs to business/ solution requirements and management of those requirements
- Must be able to present security related responses to customers
- Ability to collaborate across Business Group/Unit boundaries
It would be nice if you also had:
- Security certification (e.g. CISM, CISSP, CRISC, CISA, CCSP) is a plus
- Familiarity with DevOps know-how building and deploying infrastructure with cloud deployment, build and test automation technologies like ansible, docker, jenkins, etc.
- Working knowledge of deploying telco cloud security solutions including 5G deployment and challenges related to access control and data privacy
- Project management certification (e.g. PMI)
