Senior Manager - UC Product Security

Job Description

Department Overview Unified Communications - Product Security Job Description The senior manager UC product security is responsible for a team of security engineers tasked with maintaining the UC product portfolio security posture compliant with industry standards (ISO 27K, NIST) and MSI internal standards. Basic Requirements Senior Manager - Product Security Engineering Company: Motorola Solutions Location: Bangalore About Motorola Solutions: Motorola Solutions is a leader provider of public safety solutions and specializes in providing mission-critical communications, video security, and command center solutions. Job Summary: We are seeking a highly experienced and dynamic Senior Manager of Product Security Engineering to lead and grow our team responsible for ensuring the security of our products throughout their entire lifecycle. This role requires a deep understanding of secure development practices, threat modeling, vulnerability management, and the ability to collaborate effectively with engineering, product management, and other stakeholders. The ideal candidate will be a strategic thinker with a strong technical background and a passion for building secure and resilient products. Responsibilities: Leadership and Team Management: o Lead, mentor, and grow a team of product security engineers, fostering a culture of security ownership and continuous improvement. o Define team goals, objectives, and key performance indicators (KPIs) aligned with the overall security strategy and product roadmap. o Conduct performance reviews, provide feedback, and identify opportunities for professional development and training. o Recruit, onboard, and retain top talent in product security engineering. o Effectively delegate tasks and responsibilities, ensuring efficient team operation and project delivery. Product Security Strategy and Implementation: o Develop and implement a comprehensive product security strategy that aligns with industry best practices, regulatory requirements, and the companys risk appetite. o Define and enforce secure development lifecycle (SDLC) processes, integrating security activities into every stage of product development. o Establish security requirements, guidelines, and standards for product design, development, and deployment. o Oversee the implementation of security controls and tools within the product development environment. Threat Modeling and Risk Assessment: o Lead and facilitate threat modeling exercises to identify potential security vulnerabilities and design flaws in products. o Conduct security risk assessments and provide recommendations for mitigation and remediation. o Stay abreast of emerging threats, vulnerabilities, and security trends relevant to our products and industry. Vulnerability Management: o Establish and manage a robust vulnerability management program for products, including identification, assessment, prioritization, and remediation tracking. o Oversee security testing activities, including static analysis, dynamic analysis, and penetration testing. o Collaborate with engineering teams to ensure timely and effective remediation of identified vulnerabilities. Collaboration and Communication: o Partner closely with product management, engineering teams, and other stakeholders to integrate security considerations into product planning and development. o Communicate security risks, requirements, and best practices effectively to both technical and non-technical audiences. o Collaborate with incident response teams to address product-related security incidents. o Represent the product security team in cross-functional initiatives and strategic discussions. Security Tools and Technologies: o Evaluate, select, and implement security tools and technologies to enhance product security capabilities. o Drive the adoption and effective use of security automation and orchestration within the product development pipeline. Compliance and Governance: o Ensure product security practices comply with relevant industry regulations, standards, and frameworks (e.g., GDPR, CCPA, ISO 27001, SOC 2). o Contribute to the development and maintenance of security policies and procedures related to product security. Qualifications: Bachelors or Masters degree in Computer Science, Information Security, or a related field. Minimum of 10-12 years of experience in cyber security, with a significant focus on product security engineering. Proven experience leading and managing a team of security engineers. Deep understanding of secure development principles, OWASP Top 10, and common web application and mobile security vulnerabilities. Strong experience with threat modeling methodologies and security risk assessment techniques. Hands-on experience with security testing tools and techniques (e.g., SAST, DAST, penetration testing). Familiarity with cloud security concepts and technologies (e.g., AWS, Azure, GCP). Excellent communication, collaboration, and interpersonal skills. Strong problem-solving and analytical abilities. Experience with security automation and orchestration tools is a plus. Relevant security certifications such as CISSP, CSSLP, CEH, or similar are highly desirable. Experience working in an Agile development environment. Travel Requirements Under 10% Relocation Provided None Position Type Experienced