Head of Product Cyber Security SME

Hemel Hempstead

Job DescriptionEvery minute of every day, in nearly every country across the globe, Smiths Detection people and technology make the world a safer place. We safeguard people, business and infrastructure with the latest innovations and screening technology for aviation, ports, borders, defense, and security across 55 countries around the globeJob Purpose:We are seeking an experienced Head of Product Cyber Security to join our team. This role is pivotal in developing, sustaining, and enhancing our cyber security architecture across all products and digital applications. In this role, you will be responsible for developing and implementing a comprehensive cyber security roadmap, leading cross-cultural teams, and ensuring the protection of our software products from potential threats while effectively managing various stakeholders. The role also requires engagement with third party providers of cyber security, software, and hardware to develop a complete solution that complements the Smiths Detection product range to develop customer confidence and expands the market share for Smiths Detection.It’s an individual contributor role, working across a matrix managed organisation. Our Centre of Excellence is based in Hemel Hempstead, this is a hybrid role and the expectations are to be site based a minimum of 2 days a week.Successful candidate will have a background in IoT or Operational Technology (OT) companies, ensuring the protection of our software products from potential threats while effectively managing various stakeholders.You will also have a demonstrable background of enhancing Software Product Security (Secure Software Development), DevSecOps, threat modeling, secure coding practices, and vulnerability management.Key Responsibilities:Product Security:Lead the assessment and enhancement of security measures for all software products developed for our hardware.Conduct in-depth security assessments, penetration testing, and vulnerability assessments.Drive the development of secure coding practices and guidelines.Cyber Security Leadership:Provide strategic vision and technical leadership for product cyber security initiatives across the organization.Collaborate with senior management to establish product cyber security goals, policies, and procedures aligned with business objectives.Stay current with evolving cyber threats and industry best practices to ensure the organization's readiness and resilience.Team Leadership:Matrix management of a diverse team of product cyber security professionals across different geographical locations.Foster a collaborative and inclusive work culture that encourages innovation and excellence.Develop training programs and mentorship opportunities to nurture talent within the team.Capability Development:Identify areas of improvement, evaluate emerging technologies and industry trends, and implement best practices.Drive innovation and continuous improvement in platform and applications software development processes, methodologies, and tools.Cyber Security Roadmap:Develop and maintain a comprehensive product cyber security roadmap, outlining short-term and long-term goals and strategies.Prioritize initiatives and investments to address emerging threats and vulnerabilities effectively.Stakeholder Management:Collaborate with various stakeholders, including executives, product development teams, and customers, to ensure alignment on cyber security objectives.Effectively communicate product cyber security risks and solutions to non-technical stakeholders.Build and maintain strong relationships with external partners, vendors, and regulatory bodies.Risk Management:Identify and assess product cyber security risks associated with software products and hardware.Develop and implement risk mitigation strategies and contingency plans.Ensure compliance with relevant industry standards and regulations.Incident Response:Establish and maintain an effective incident response plan.Lead the investigation and resolution of cyber security incidents and breaches.Implement lessons learned to continuously improve the organization's security posture.Continuous Improvement:Foster a culture of continuous improvement within the capability, encouraging learning, knowledge sharing, and innovation.Stay updated with industry best practices, emerging technologies, and market trends to drive continuous enhancement of platform and applications software development capabilities.Required Skills and Experience:Experience: Significant experience in cyber security leadership roles, particularly in product security within IoT or Operational Technology (OT) companies.Technical Expertise: Proficient in DevSecOps, threat modeling, secure coding practices, and vulnerability management.Leadership:Experience leading cross-cultural and geographically distributed teams.Regulatory Knowledge: Familiar with industry standards such as ISO 27001, NIST, and GDPR.Certifications: CISSP, CISM, or CISA are a plus.Education:Bachelor’s degree in Computer Science, Cyber Security, or a related field (Master’s degree preferred).Diversity & InclusionWe believe that different perspectives and backgrounds are what make a company flourish. All qualified applicants will receive equal consideration for employment regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, economic status, disability, age, or any other legally protected characteristics. We are proud to be an inclusive company with values grounded in equality and ethics, where we celebrate, support, and embrace diversity. We have several employee-led Employee Resources Groups (women@work, Black Employees Network, Veterans, Pride Network) providing support, enhancing career development, and contributing to personal development in the work environment and beyond.At no time during the hiring process will Smiths Detection, Smiths Group, nor any of our recruitment partners ever request payment to enable participation – including, but not limited to, interviews or testing. Avoid fraudulent requests by applying jobs directly through our career’s website (www.smithsdetection.com/careers)or LinkedIn.