Security Risk Strategist

This role requires a Security Risk Management Specialist to define and implement security risk management standards and playbooks, analyse and improve security risk practices, evaluate and select new security requirements, tools, and practices, and grow the presence and thought leadership of our security risk management practice.

• Create and Implement Security Frameworks: Define Canonical's security risk management standards and playbooks, ensuring seamless integration with existing processes.
• Analyse and Improve Security Practices: Conduct thorough analyses of current security risk management practices, identifying areas for improvement and implementing corrective actions.
• Evaluate and Select New Security Requirements: Assess the need for new security requirements, tools, and practices, and make informed decisions on their implementation.
• Grow Thought Leadership: Develop and maintain a strong presence and thought leadership in the field of security risk management.
• Develop Learning Materials: Create comprehensive learning materials to enhance the knowledge and skills of team members.
• Present Information and Influence Change: Collaborate with senior leadership to present information and influence change within the organization.
• Develop Key Risk Indicators: Participate in developing key risk indicators, provide inputs to the development of key control indicators, and key performance indicators for various programs.
• Apply Statistical Models: Apply statistical models to risk frameworks, such as FAIR, sensitivity analysis, and others.
• Participate in Risk Management Discussions: Engage in risk management, decision-making, and collaborative discussions.
• Lead Quantified Risk Assessments: Conduct quantified risk assessments, understand the value of qualitative data for improvements to quality and engineering processes.
• Interpret Cyber Security Risk Analyses: Interpret internal or external cyber security risk analyses in business terms, recommend a responsible course of action.
• Develop Self-Service Templates: Create templates and materials to facilitate self-service risk management actions.
• Monitor and Improve Effectiveness: Monitor and identify opportunities to improve the effectiveness of risk management processes.
• Leverage Evaluation Methods: Build evaluation methods and performance indicators to measure the efficiency of security functions and capabilities.

• Exceptional Academic Record: Possess an exceptional academic track record.
• Undergraduate Degree: Hold an undergraduate degree in Computer Science or STEM, or demonstrate a compelling alternative path.
• Drive and Motivation: Exhibit drive and personal motivation to be at the forefront of technology security.
• Leadership Ability: Demonstrate leadership and management ability.
• Business Writing and Presentation Skills: Possess excellent business English writing and presentation skills.
• Problem-Solving and Communication: Showcase problem-solving skills and excellent communication skills, with a deep technical understanding of security assessments and risk management.
• Expertise in Threat Modelling: Possess expertise in threat modelling and risk management frameworks.
• Broad Knowledge of Security Risk Management: Display broad knowledge of how to operationalize the management of security risk.
• Secure Development Lifecycle: Have experience in Secure Development Lifecycle and Security by Design methodology.

We are a pioneering tech firm at the forefront of the global move to open source. As a leader in the industry, we pride ourselves on innovation and excellence.

We recruit on a global basis and set high standards for those joining our company. We expect excellence and strive to be the best at what we do.

We foster a workplace free from discrimination, valuing diversity of experience, perspectives, and background.

• Entry level

• Full-time

• Finance and Sales

• Software Development