Head of Product Cyber Security SME

Smiths Detection

  • Hemel Hempstead, Hertfordshire
  • Permanent
  • Full-time
  • 17 days ago
SMITHS DETECTION MAKING THE WORLD A SAFER PLACE
Every minute of every day, in nearly every country across the globe, Smiths Detection people and technology make the world a safer place. We safeguard people, business and infrastructure with the latest innovations and screening technology for aviation, ports, borders, defense, and security across 55 countries around the globe.
Life At Smiths -
  • Global leader: We impact critical systems every day with sites in 17 countries and six centers of research excellence. From pioneering to powering life-changing innovation, we're delivering threat detection and screening solutions to safeguard the world from threat
  • Digital growth: The integration of digital technology across our business and our operations in more than 55 countries is a key part of our capability and will be critical to our continued success
  • Exciting opportunities: Our growth is creating exciting opportunities to work with experts in physics, chemistry, electronics, mechanics, production, computer science, and AIML
  • International environment: With some projects, work requires global collaboration and the potential to travel and grow with the business
Job Description
Smiths Detection is a global authority on the application, management and manufacture of world class detection and screening technology. Every minute of every day, our detection and screening technology helps to protect people and infrastructure, making the world a safer place. Our goal is simple - to provide the security, peace of mind and freedom of movement upon which the world depends. We deliver the solutions needed to protect society from the threat and illegal passage of explosives, prohibitive weapons, contraband, toxic chemicals and narcotics.
The purpose of this role is to develop, sustain and enhance the organization's cyber security architecture across all the products and digital applications. The position is based in Hemel Hempstead, UK.
The Head of Product Cyber Security is recognised internally as the global lead for product cyber security. As part of the global digital and architecture group, the role works closely with Technology, Products & Marketing, Sales, Program Management, Service, Commercial and overall business management to lead our cyber security efforts across all software products designed for our hardware.
In this role, you will be responsible for developing and implementing a comprehensive cyber security roadmap, leading cross-cultural teams, and ensuring the protection of our software products from potential threats while effectively managing various stakeholders.
The role also requires engagement with third party providers of cyber security, software, and hardware to develop a complete solution that complements the Smiths Detection product range, develops customer confidence and expands the market share for Smiths Detection.
It's an individual contributor role, working across a matrix managed organisation.
The successful candidate will have a background in IoT or Operational Technology (OT) companies, ensuring the protection of our software products from potential threats while effectively managing various stakeholders.
You will also have a demonstrable background of enhancing Secure Software Development, DevSecOps, Threat Modeling, Secure Coding Practices, and Vulnerability Management.
Key Responsibilities:
Product Security:
  • Lead the assessment and enhancement of security measures for all software products developed for our hardware.
  • Conduct in-depth security assessments, penetration testing, and vulnerability assessments.
  • Drive the development of secure coding practices and guidelines.
Cyber Security Leadership:
  • Provide strategic vision and technical leadership for product cyber security initiatives across the organization.
  • Collaborate with senior management to establish product cyber security goals, policies, and procedures aligned with business objectives.
  • Stay current with evolving cyber threats and industry best practices to ensure the organization's readiness and resilience.
Team Leadership:
  • Matrix management of a diverse team of product cyber security professionals across different geographical locations.
  • Foster a collaborative and inclusive work culture that encourages innovation and excellence.
  • Develop training programs and mentorship opportunities to nurture talent within the team.
Capability Development:
  • Identify areas of improvement, evaluate emerging technologies and industry trends, and implement best practices.
  • Drive innovation and continuous improvement in platform and applications software development processes, methodologies, and tools.
Cyber Security Roadmap:
  • Develop and maintain a comprehensive product cyber security roadmap, outlining short-term and long-term goals and strategies.
  • Prioritize initiatives and investments to address emerging threats and vulnerabilities effectively.
Stakeholder Management:
  • Collaborate with various stakeholders, including executives, product development teams, and customers, to ensure alignment on cyber security objectives.
  • Effectively communicate product cyber security risks and solutions to non-technical stakeholders.
  • Build and maintain strong relationships with external partners, vendors, and regulatory bodies.
Risk Management:
  • Identify and assess product cyber security risks associated with software products and hardware.
  • Develop and implement risk mitigation strategies and contingency plans.
  • Ensure compliance with relevant industry standards and regulations.
Incident Response:
  • Establish and maintain an effective incident response plan.
  • Lead the investigation and resolution of cyber security incidents and breaches.
  • Implement lessons learned to continuously improve the organization's security posture.
Continuous Improvement:
  • Foster a culture of continuous improvement within the capability, encouraging learning, knowledge sharing, and innovation.
  • Stay updated with industry best practices, emerging technologies, and market trends to drive continuous enhancement of platform and applications software development capabilities
Required Skills and Experience:
Experience:
  • Significant experience in cyber security leadership roles, particularly in product security within IoT or Operational Technology (OT) companies.
Technical Expertise:
  • Proficient in DevSecOps, threat modeling, secure coding practices, and vulnerability management.
Leadership:
  • Experience leading cross-cultural and geographically distributed teams.
Regulatory Knowledge:
  • Familiar with industry standards such as ISO 27001, NIST, and GDPR.
Certifications:
  • CISSP, CISM, or CISA are a plus.
Soft Skills:
  • Excellent communication and interpersonal skills, strategic and analytical thinking.
Competencies and Abilities:
  • Results-Oriented: Persistent in achieving effective results that drive the business forward.
  • Influential Leadership: Acts as a role model, monitors progress, and coaches others for success.
  • Decision Making: Makes effective and timely decisions by analyzing critical information.
  • Commercial Awareness: Understands the business environment and supports commercial success.
  • Networking: Builds strong relationships internally and externally, understanding customer needs.
  • Change Management: Supports and implements continuous improvement initiatives.
Education:
Bachelor's degree in Computer Science, Cyber Security, or a related field (Master's degree preferred).
Diversity & Inclusion
We believe that different perspectives and backgrounds are what make a company flourish. All qualified applicants will receive equal consideration for employment regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, economic status, disability, age, or any other legally protected characteristics. We are proud to be an inclusive company with values grounded in equality and ethics, where we celebrate, support, and embrace diversity.
At no time during the hiring process will Smiths Detection, Smiths Group, or any of our recruitment partners ever request payment to enable participation - including, but not limited to, interviews or testing. Avoid fraudulent requests by applying for jobs directly through our careers website ( ) or LinkedIn