- Act as a dedicated point of contact for Information Security for Product and Engineering squads.
- Participate actively in product rituals, planning, and reviews as a key contributor.
- Translate security requirements into context that makes sense for developers, PMs, and product leaders.
- Identify, evaluate, and communicate security risks to non-technical stakeholders.
- Build and track risk treatment plans prioritized by business impact.
- Facilitate access management between squads and the IAM team to eliminate friction.
- Support security by design, threat modeling, and architecture reviews during development cycles.
- Promote continuous and contextualized security awareness for business teams.
Agile methodologiesRisk Management