Canonical is looking for a Security Risk Management Specialist to define and execute the strategic vision for our company-wide security risk program. You will analyze and improve our security risk practices, implement new tools, and contribute to the security of the wider open source ecosystem.
What You'll Do
- Define Canonical's security risk management standards and playbooks.
- Analyze and improve Canonical's security risk practices.
- Evaluate, select and implement new security requirements, tools and practices.
- Grow the presence and thought leadership of Canonical security risk management practice.
- Develop Canonical security risk learning and development materials.
- Work with Security leadership to present information and influence change.
- Participate in developing key risk indicators, and provide input to the development of key control indicators and key performance indicators for various programs.
- Apply statistical models to risk frameworks (such as FAIR, sensitivity analysis, and others).
- Participate in risk management, decision-making, and collaborative discussions.
- Lead quantified risk assessments and understand the value of qualitative data for improvements to quality and engineering processes.
- Interpret internal or external cyber security risk analyses in business terms and recommend a responsible course of action.
- Develop templates and materials to help with self-service risk management actions.
- Monitor and identify opportunities to improve the effectiveness of risk management processes.
- Launch campaigns to perform security assessments and help mitigate security risks across the company.
- Build evaluation methods and performance indicators to measure efficiency of security functions and capabilities.
What We're Looking For
- Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path.
- Drive and a track record of going above-and-beyond expectations.
- Deep personal motivation to be at the forefront of technology security.
- Excellent business English writing and presentation skills.
- Problem-solver with excellent communication skills and a deep technical understanding of security assessments and risk management.
- Expertise in threat modelling and risk management frameworks.
- Broad knowledge of how to operationalize the management of security risk.
- Experience in Secure Development Lifecycle and Security by Design methodology.
Nice to Have
- An exceptional academic track record.
- Leadership and management ability.
Team & Environment
You will work cross-functionally with various teams across the organisation.
Benefits & Compensation
- Distributed work environment with twice-yearly team sprints in person.
- Personal learning and development budget of USD 2,000 per year.
- Annual compensation review.
- Recognition rewards.
- Annual holiday leave.
- Maternity and paternity leave.
- Employee Assistance Programme.
- Opportunity to travel to new locations to meet colleagues.
- Priority Pass and travel upgrades for long-haul company events.
Work Mode
This is a remote position. The successful candidate will be home based in the Middle East, specifically Riyadh, Saudi Arabia.
Canonical is an equal opportunity employer. We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background creates a better work environment and better products.





