Engage with customer as point of contact from towards defined customers in all security and data privacy topics.
Engage with customer on their overall security roadmap, cyber security initiatives and priorities
Assist customer with their compliance to local regulatory requirements applicable to them
Translate and communicate customer priorities and requirements to BGs
Negotiate security clauses in supply-contracts and statements of work (SoW) for services projects with customers.
Accountability of all contractual security matters towards your scope of customers.
Perform gap and impact analysis for regulatory and contractual requirements for compliance with security and privacy requirements
Security feedback and escalation on meeting the commitments made.
Supporting role with regards to customer security solution and requirements from pre-sales to delivery and CARE phase.
Coordinate (a) reporting of high-profile vulnerabilities to customers, (b) assessment of customer provided security/pen test results with R&D, and (c) negotiation of vulnerability severity, dispositions and mitigation plans with customers
Support with security incidents
Become proficient with local regulations, and interface with local regulatory bodies
Requirements :-
At least 10 years experience in R&D, Delivery or Presales related roles with at least 5 years focused on cyber security
Bachelor's degree in computer science, telecom, or engineering or equivalent experience
Familiarity with security standards (e.g. 3GPP, ISO 27001, NIST, CMMC) and security frameworks (e.g. NESAS)
Proficient in vulnerability management, vulnerability scanning tools (e.g. Anchore, Qualys and Tenable), and CVSS framework
Working knowledge of customer remote access and customer data security and privacy solutions
Experience in translating security needs to business/ solution requirements and management of those requirements
Must be able to present security related responses to customers
Ability to collaborate across Business Group/Unit boundaries
It would be nice if you also had:
Security certification (e.g. CISM, CISSP, CRISC, CISA, CCSP) is a plus
Familiarity with DevOps know-how building and deploying infrastructure with cloud deployment, build and test automation technologies like ansible, docker, jenkins, etc.
Working knowledge of deploying telco cloud security solutions including 5G deployment and challenges related to access control and data privacy