Product Security Incident Response Analyst
Job Description
- Manage ticket assignment for confirmed vulnerabilities.
- Schedule and facilitate PSIRT triage meetings.
- Update tickets with priority ratings, contact details, and action items.
- Plan and coordinate security simulation exercises.
- Maintain and update PSIRT-related documentation.
- Track and implement updates on the PSIRT Confluence space.
- Track risks tied to new vulnerabilities.
- Support post-incident analysis by mapping vulnerabilities.
- Collaborate with Pen Testers to prioritize assessments.
- Monitor and support escalations tied to security advisory or fix deadlines.
- Monitor and support escalations tied to security-rated bugs and SLO breaches.
- Monitor and support escalations tied to CVE submissions.
- Monitor and support escalations tied to persistent issues within teams.
- Organize and run quarterly extended PSIRT syncs.
- Maintain PSIRT JIRA tickets and fields.
- Assist in KPI/SLO tracking and reporting to leadership.
- Present on the tracked metrics/KPIs.
- Provide actionable feedback on documentation and process improvements.
- Engage with cross-functional stakeholders with empathy, clarity, and technical insight.
- Continuously stay current with industry security trends, frameworks, and regulatory expectations.
- Equity Rewards (RSUs)
- Employee Stock Purchase Plan (ESPP)
- Insurance plans with Outpatient cover
- National Pension Scheme (NPS)
- Flexible work policy
- Childcare support
The Role
As a Product Security Incident Response Analyst (PSIRA), you’ll be at the forefront of identifying, coordinating, and supporting responses to product-related security incidents. This role is ideal for someone who thrives in fast-paced environments, enjoys cross-functional collaboration, and is passionate about improving the security posture of embedded and connected devices. You’ll be a key liaison across engineering, business units, and security stakeholders, ensuring that vulnerabilities are triaged, documented, and resolved with precision and transparency.
Meet the Team
You’ll be part of the Product Security Incident Response Team (PSIRT) — a dedicated, collaborative group of professionals working to protect the integrity of our products and the trust of our customers. Our team partners with engineering, business units, and security experts across the company to address and resolve security issues. We foster a culture of learning, mutual support, and continuous improvement, with regular simulation exercises, cross-team knowledge sharing, and opportunities to explore new areas of security operations.
Responsibilities:
Incident Coordination & Triage Support
- Manage ticket assignment for confirmed vulnerabilities from multiple sources including
- Internal and external vulnerability reports
- Relevant 3rd-party disclosures impacting products
- Schedule and facilitate PSIRT triage meetings with cross-functional teams (BU, R&D, Security App Engineering).
- Update tickets with priority ratings, contact details, and action items; follow through to closure.
Simulation Exercises & Documentation
- Plan and coordinate security simulation exercises in collaboration with the Security Incident Response Engineer.
- Maintain and update PSIRT-related documentation, including process guides (CRISIS006, PS1014), simulation plans, and lessons learned.
- Track and implement updates on the PSIRT Confluence space and contribute to change control processes.
Risk & Vulnerability Tracking
- Track risks tied to new vulnerabilities and their relation to Threat Analysis and Risk Assessments (TARAs).
- Support post-incident analysis by mapping vulnerabilities to missed opportunities in design or controls.
- Collaborate with Pen Testers to prioritize assessments based on protocol or stack exposure.
Escalation & Compliance Monitoring
Monitor and support escalations tied to:
- Security advisory or fix deadlines
- Security-rated bugs and SLO breaches
- CVE submissions relevant to our products or tech stack
- Persistent issues within teams based on SSMF (Secure Software Maturity Framework) performance
Operational & Admin Support
- Organize and run quarterly extended PSIRT syncs; track PSIRT project requests.
- Maintain PSIRT JIRA tickets and fields, ensuring up-to-date records for tracking and reporting.
- Assist in KPI/SLO tracking and reporting to leadership every quarter.
- Present on the tracked metrics/KPIs as needed
Team Support & Collaboration
- Provide actionable feedback on documentation and process improvements.
- Engage with cross-functional stakeholders with empathy, clarity, and technical insight.
- Continuously stay current with industry security trends, frameworks, and regulatory expectations.
- Bachelor’s degree in Computer Science, Computer Engineering, Systems Engineering, Information Technology, or related field.
- PMP Certification (or equivalent) with proven experience in project coordination, compliance, or security operations.
- 3+ years in a PSIRT or product security incident-related role.
- Familiar with internal controls, security best practices, and collaborative work across technical and business teams.
- Working knowledge of at least two of the following:
- Software development or debugging
- SDLC processes
- Computer networking or network security
- NIST SP 800-61, FIRST guidelines
- Excellent communication skills with the ability to influence and coordinate across levels and departments.
- Self-starter who can prioritize tasks and drive accountability with minimal supervision.
Benefits & Perks:
Not only will you be joining a highly skilled and tight-knit team where every engineer makes a significant impact on the product; we also strive for good work/life balance and to make our environment welcoming and fun.
- Equity Rewards (RSUs)
- Employee Stock Purchase Plan (ESPP)
- Insurance plans with Outpatient cover
- National Pension Scheme (NPS)
- Flexible work policy
- Childcare support
