Product Security Consultant

The ‘Security Operations’ team within the Product & Services Cyber organization is looking for a “ Cybersecurity Manager” to guide, and provide advisory/consulting services for all security-related efforts to Motorola's Business Units. This role will work closely with business units technology and business leaders to adopt and implement the security program, and make business-informed decisions on risk, policies, and security controls.

The ideal candidate is a cyber security expert who takes a pragmatic, risk-based approach to their work, with the ability to move seamlessly between executive-level, strategic conversations and more tactical governance and execution of security-related efforts. The candidate must be collaborative in nature, acting as a true enabler of the business and partner to BU leaders and teams, driving security outcomes through influence, and being able to think critically about the risk landscape, translating it into clear, specific objectives for business units.

Job Description

• Provide strategic & tactical consultation and thought leadership to the business unit leaders regarding information security requirements and risks, and assist with prioritization.
• Maintain and provide reporting on business unit security priorities, issues, projects, and metrics on a regular cadence, aligned with enterprise policies and processes.
• Establish and facilitate relevant reporting and governance forums to provide robust security and risk updates to the leadership.
• Lead/facilitate all security and privacy efforts, including audits/assessments, risk management & prioritization, regulatory compliance, improvement to the product lines security posture,  any mitigation work related to findings.  
• Support local customer facing teams as necessary, including answering ad-hoc questions, completing questionnaires, and joining customer calls.
• Be the accountable point of contact for any security escalations across the BU and manage/report on any resulting work efforts through completion, partnering and escalating as necessary (e.g., incident response, critical vulnerability patching, SETA program).
• Act as a force multiplier and drive the security champions program. 

Basic Requirements

• Bachelors and/or Masters degree in Computer Science, Information Technology, or related field
• 10+ years of technology management, Systems Integration, network & communications security, system  architecture experience.
• Broad knowledge across all relevant facets of a holistic, modern security program, including strong understanding of current and emerging trends and threats..
• Demonstrated track record of efficient, scaled delivery, directly taking on and providing deliverables.
• Demonstrated experience with Risk Management practices, including effectively applying risk principles to business scenarios.
• Strong understanding of common security and privacy frameworks and regulations (NIST 800-53, OWASP SAMM, NIST CSF).
• Strong technical aptitude (with hands-on experience preferred), including ability to understand technical constructs, extrapolate relevant risk, and formulate tradeoffs; ability to quickly ramp up on technical topics to provide relevant input.
• Proactive, self-starter with excellent presentation and communication skills.
• Ability to lead through influence, including at executive levels.
• Atleast one industry certification like CISSP, SSCP, Security+, or CISM.

The hiring team will work with the candidate to acquire the required knowledge through training, hands on deployment and operations, and in depth architecture discussions and development.

Candidates who closely, but not fully, fit the profile are encouraged to apply as well. We are all constantly learning in a rapidly evolving field, and continuous training & education opportunities will be provided to the selected candidate. You will have coaching and development opportunities every step of the way.