Security Engineering & Governance Lead
CurrentSecurity Engineering and Governance Lead• Author and oversee of PSIRT (Product Security Incident Response Team processes • Manage Security Governance, Risk, and Compliance activities across the company; ISMS oversight for ISO 27001 compliance goals and security policy change control• Key contributor of cybersecurity contents/inputs into company reports such as annual 10K and ESG reports• Manager of Security Engineering team for internal Pen testing/Red team and Threat Analysis Risk Assessment (TARA) activities• Driver of Secure life cycle maturity attainment activities using Secure-SDLC Maturity Framework (SSMF) • Drive Secure Supply Chain Risk Management oversight processes• Work closely with Security Operations team to ensure detected enterprise issues are addressed with relevant process or policy related actions• Led Software Quality team within Operations team driving and tracking software quality metrics, key performance indicators (KPIs), Internal Audits, Training, Risk Management, Root Cause Analysis based on ISO 9001 • Created Software Quality policy for companywide development practices• Drove software quality processes and audits across Timing, Automotive, Operations, and IoT teams• Defined and Launched Customer portal for sharing security disclosures