Product Security Incident Response Manager (mfd)

Leuven - Belgium

Monthly Salary: Not Disclosed

Posted on: Yesterday

Vacancies: 1 Vacancy

Job Summary

The NXP Product Security Incident Response Team (PSIRT) is committed to rapidly address security vulnerabilities in NXP products by responding and documenting reported vulnerabilities and by providing customers with clear guidance on the impact severity and mitigation. See also

Our organization is growing and therefore we have this new opportunity. Were looking for an experienced security expert to work on different initiatives and projects with the goal of improving our security addition you will be responsible for identifying triaging and supporting resolution of product-related security incidents. Youll get the opportunity to collaborate across engineering security teams product managers and others with the goal of protecting our products and customers.

In this role you:

Empower our software development community in managing vulnerabilities in Third Party Components (TPS) and Open Source Software (OSS) ensuring robust security
Define and develop best practices streamline processes and drive continuous improvement initiatives.
Contribute to new regulations and standardization activities that may impact product security or our way of working such as the upcoming EU Cyber Resilience Act.
Collaborate with innovators partner with external security researchers academia and research organizations on cutting-edge projects and vulnerability submissions.
Be a key player in risk management by supporting and leading triage and vulnerability assessments of product vulnerabilities.
Work cross-functionally with internal teams (engineering product management legal etc.) to ensure timely resolution of incidents.
Own the process by generating and managing PSIRT JIRA tickets for validated vulnerabilities.
Provide updates about incident status impact and mitigation actions to relevant stakeholders.
Manage incoming Third Party vendor vulnerability pre-notifications andmonitor internal and external sources to identify signs of security incidents related to our products.

Your profile

3 years of experience in product security incident response investigation and vulnerability management across hardware and software products.
Bachelors/masters degree in engineering Computer Science Electrical Engineering Cybersecurity or a related field.
Familiarity in a Security Operations Center or PSIRT or similar security incident response teams.
Familiarity with industry-standard security frameworks standards and regulations.
Understanding of security in the following areas - embedded systems hardware and software; ability to quickly learn where needed
Interests in security concepts secure coding and security best practices
Excellent collaboration and communication skills to work effectively with cross-functional teams.
Ability to work independently taking ownership of security initiatives and improving processes.

Please note: The successful candidate may/will be responsible for security related tasks. The assignment may/will be in scope of security certifications therefore a conscious and reliable way of working is necessary.

For Austrian applicants: NXP provides market competitive compensation according to the benchmarking of the electronic and semiconductor industry. Due to the Austrian Equal Treatment Act we are obligated to state the employment group of our applicable collective bargaining agreement (CBA) Kollektivvertrag für Angestellte Gewerbe und Handwerk und in der Dienstleistung this position (fulltime) is graded in Employment Group V. Your individual experiences and expectations will be considered in the application process. Moreover we provide attractive benefits to our employees like home office flexible working time meal benefits and more.

More information about NXP in Belgium...

#LI-a8a1

Required Experience:

Manager