• Application Deadline:
• Position: Security Risk Management Specialist


• Job Type Full Time


• Qualification BA/BSc/HND


• Experience


• Location Lagos


• Job Field ICT / Computer 
  

Description

• In security risk management we’re looking to harness the power of industry best practice combined with driving new innovation on how we do security risk assessments and modelling.


• Our security risk management team is the primary owner of the strategy and practices of how we identify, track and reduce our security risk across everything we do. 


• To support this we need to use industry best practices paired with emerging threat information to to promote risk identification, quantification, impact analysis, and modelling to ultimately drive decision making.


• In this role, you will help establish and execute a broad strategic vision for the security risk program at Canonical.


• You will not only work within the team but also cross-functionally with various teams across the organisation.


• The team contributes ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attacks.


• Additionally, the team collaborates with our Organisational Learning and Development team to develop playbooks and facilitate security training across Canonical.


• The security risk management team’s mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem.


• They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

Responsibilities

What you will do in this role:

• Define Canonical's security risk management  standards and playbooks


• Analyse and improve Canonical's security risk practices


• Evaluate, select and implement new security requirements, tools and practices


• Grow the presence and thought leadership of Canonical security risk management practice


• Develop Canonical security risk learning and development materials


• Work with Security leadership to present information and influence change


• Participate in developing key risk indicators, provide inputs to the development of key control indicators, and key performance indicators for various programs


• Apply statistical models to risk frameworks (such as FAIR, sensitivity analysis, and others)


• Participate in risk management, decision-making, and collaborative discussions


• Lead quantified risk assessments and understand the value of qualitative data for improvements to quality and engineering processes


• Interpret internal or external cyber security risk analyses in business terms and recommend a responsible course of action


• Develop templates and materials to help with self-service risk management actions 


• Monitor and identify opportunities to improve the effectiveness of risk management processes


• Launch campaigns to perform security assessments and help mitigate security risks across the company


• Build evaluation methods and performance indicators to measure efficiency of security functions and capabilities.

Requirements

What we are looking for:

• An exceptional academic track record 


• Undergraduate Degree in Computer Science or STEM, or a compelling narrative about your alternative path


• Drive and a track record of going above-and-beyond expectations


• Deep personal motivation to be at the forefront of technology security


• Leadership and management ability


• Excellent business English writing and presentation skills


• Problem-solver with excellent communication skills, a deep technical understanding of security assessments and risk management


• Expertise in threat modelling and risk management frameworks


• Broad knowledge of how to operationalize the management of security risk


• Experience in Secure Development Lifecycle and Security by Design methodology

What we offer you

• We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance.


• In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.


• Distributed work environment with twice-yearly team sprints in person


• Personal learning and development budget of USD 2,000 per year


• Annual compensation review


• Recognition rewards


• Annual holiday leave


• Maternity and paternity leave


• Employee Assistance Programme


• Opportunity to travel to new locations to meet colleagues


• Priority Pass, and travel upgrades for long haul company events