Product Security Incident Response Manager (Cybersecurity)

TL;DR

Product Security Incident Response Manager (Cybersecurity): Addressing security vulnerabilities in NXP products by documenting reported vulnerabilities and providing customers with clear guidance. Focus on identifying, triaging, and resolving product-related security incidents, ensuring robust security posture across hardware and software products.

Location: Onsite in Leuven, Bucharest, Barcelona, Gratkorn, or Glasgow

Company

hirify.global is committed to rapidly address security vulnerabilities in its products, by responding and documenting reported vulnerabilities and by providing customers with clear guidance on the impact, severity and mitigation.

What you will do

• Empower the software development community in managing vulnerabilities in Third Party Components (TPS) and Open Source Software (OSS).
• Define and develop best practices, streamline processes, and drive continuous improvement initiatives.
• Contribute to new regulations and standardization activities that may impact product security.
• Collaborate with external security researchers, academia, and research organizations on cutting-edge projects and vulnerability submissions.
• Lead triage and vulnerability assessments of product vulnerabilities as a key player in risk management.
• Generate and manage PSIRT JIRA tickets for validated vulnerabilities and provide status updates to stakeholders.

Requirements

• 3+ years of experience in product security incident response, investigation, and vulnerability management across hardware and software products.
• Bachelor’s/master’s degree in Computer Science, Electrical Engineering, Cybersecurity, or a related field.
• Familiarity in a Security Operations Center (SOC), PSIRT, or similar security incident response teams.
• Familiarity with industry-standard security frameworks, standards, and regulations.
• Understanding of security in embedded systems, hardware, and software.
• Excellent collaboration and communication skills to work effectively with cross-functional teams.

Culture & Benefits

• Market competitive compensation according to the benchmarking of the electronic and semiconductor industry.
• Opportunity for home office and flexible working time, with meal benefits.
• Collaborate across engineering, security teams, and product managers.
• Conscious and reliable way of working is necessary due to security certifications.