Associate Director - Verizon Cybersecurity | Product Security Risk Governance
CurrentLead the Verizon Cybersecurity (VCS) Product Security Risk Governance (PSRG) team responsible for VBG Product Governance. Design, build and implement a Product Governance and E2E Risk Assessment Framework & function for the CISO organization. PSRG Product Governance Framework provides a comprehensive view into the security posture of products pre-launch (product assessments) and post-launch (E2E Top Product security risk assessments). Develop and communicate a risk based, data driven strategy in partnership with the PMO, Product, Engineering, Legal, Privacy and security teams to enable the business to develop and deliver products while securing VZ and its customers. Expand team scope across VCG for Product Governance oversight.* Execute the PSRG review process for VBG LBA product launches through product assessments, advocacy and consultation.* Perform product security risk reviews & assessments. Focus areas include – Architecture & Artifact review (HLA, MSA, CAIQ, SOC2, InfoSec Policy), Verizon Cybersecurity Policy (CPI-810/ViSF) compliance review, validation of security testing (penetration test, SAST, DAST, SCA, vulnerability scan, AWS) and review of impacted application QRM score, remediation plans and approved exceptions.* Define Project Governance & E2E Product Risk Assessment Framework | Playbook | Product Launch voting requirements.* Establish Product Governance authority, align with Stakeholders (RACI), conduct security impact analysis to ensure all respective security teams have engaged.* Facilitate a simplified operating model providing clarity to the roles and responsibilities of product teams, security teams and stakeholders.* Awards: Spotlight Award – Q4 2023 (Sr. Director)