Product Security Program Manager
Mueller Water Products

Job Info

---

Summary

The Product Security Program Manager will be responsible for developing and maintaining Mueller's Product Security Incident Response Program. Additionally, this role will be responsible for the management and tracking of other product security projects, assessments, and audits across different departments within the organization.

Responsibilities

• Serves as Product Security Response Team (PSIRT) strategic leader
• Oversees the assessment of the initial impact of security vulnerabilities to the organization's product portfolio
• Offers leadership and guidance regarding vulnerability response and potential risk to the business
• Communicates regularly with stakeholders, both internal and external, including Mueller and 3rd party upstream and downstream suppliers
• Manages and administering PSIRT tools
• Generates and presenting metrics to report on PSIRT status
• Assigns and populating CVEs (Common Vulnerability Exposure), CVSS scoring (Common Vulnerability Scoring Solution), etc. as needed
• Evangelizing Coordinated Vulnerability Disclosure (CVD), negotiating with suppliers and security researchers, and publishing communication of a fix or mitigation via Security Advisories
• Establish and manage processes to monitor and log various external sources for security vulnerabilities and coordinate response.
• Make sure that staff follows product security procedures and guidelines through training programs and assessments
• Develop and maintain documentation on PSIRT processes and practices
• Centralize customer security assessment questionnaire and response
• Manage Trusted Supplier Program for Product Security
• Coordinate cross-functional projects across IT, corporate compliance, and other departments as needed.
• Prepare and coordinate external and internal assessments and audits

Education

• Bachelor's degree or equivalent experience
• 5+ years' experience working in a technical environment
• 1+ years' experience working in PSIRT or related incident response experience

Experience

• 5+ years' experience working in a technical environment
• 1+ years' experience working in PSIRT or related incident response experience

Competencies

• Strong communication and collaboration skills
• Experience running complex high-value projects
• Experience working with outside agencies such as Suppliers or Customers
• Experience with developing and managing Incident Response
• Excellent team building and leadership skills
• Ability to pay close attention to detail
• Experience with Atlassian suite of tools
• Strong sense of task ownership, and persistence to execute processes from beginning to end
• Familiarity with cybersecurity threats, countermeasures, and issues
• Some understanding of security practices as they relate to product security and development

We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other category protected by law.

This job has expired.