Security Risk Management Specialist

Job Description

Canonical is seeking a Security Risk Management Specialist to drive innovation in security risk assessments and modeling. This role involves establishing and executing a strategic vision for the security risk program, working cross-functionally to identify, track, and reduce security risks across the organization. The specialist will contribute to Canonical product security, enhancing the resilience of Ubuntu users against cyber attacks, and collaborate with the Organizational Learning and Development team to develop security training materials.

What this role involves:

• Defining Canonical's security risk management standards and playbooks
• Analyzing and improving Canonical's security risk practices
• Evaluating, selecting, and implementing new security requirements, tools, and practices
• Developing Canonical security risk learning and development materials
• Participating in risk management, decision-making, and collaborative discussions
• Leading quantified risk assessments and understanding the value of qualitative data
• Developing templates and materials to help with self-service risk management actions
• Monitoring and identifying opportunities to improve the effectiveness of risk management processes
• Building evaluation methods and performance indicators to measure efficiency of security functions and capabilities.

Requirements:

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Leadership and management ability
• Excellent business English writing and presentation skills
• Problem-solver with excellent communication skills, a deep technical understanding of security assessments and risk management
• Expertise in threat modelling and risk management frameworks
• Broad knowledge of how to operationalize the management of security risk
• Experience in Secure Development Lifecycle and Security by Design methodology

What Canonical offers:

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events