In this role, you will manage a consumer product testing team who will implement time-bound projects to incorporate privacy and security tests for products ranging from TVs, to laptops, to fridges, to robotic vacuums. You will oversee all aspects of a wide range of product testing projects related to privacy and information security of network and Internet-connected consumer products (both hardware and software). You will own planning, development, deployment, support and successful delivery of all phases of assigned product testing work as part of an overarching marketplace change strategy. You will also have the opportunity to contribute to original investigative research with Consumer Reports journalists and advocates.
This is a great career opportunity for a researcher or technologist interested in making a measurable impact on consumer privacy, cybersecurity, and the lived quality of IoT. You will solve a steady stream of interesting challenges, be exposed to the latest hardware and software from hundreds of manufacturers, and have the opportunity to take them apart, probe them, and increase public knowledge in a way that benefits millions of people.
What you will do
- Manage complex privacy and security testing programs, ensuring appropriate planning, coordination and oversight of test projects related to data privacy and internet security.
- Manage two Privacy Project Leaders, supporting their professional development and establishing methods and tools for testingDevelop and maintain training for various teams (Technicians, Content, PLs, etc.)Responsible for program tactics, proposal development, product testing design, assessment of product and service evaluation methodologies, evaluation of outcomes and ratings as well as documenting reports of results.
- Ensure that data meet established standards for accuracy, repeatability, reproducibility, and dependability.
- Review content to ensure the information is technically accurate, defensible, and current.
- Develop and maintain relationships and coordinate activities with internal and external experts in related fields. You will determine how best to utilize relevant internal and external resources.
- Identify and contract with appropriate external resources to complete projects as necessary.
- Responsible for the Request for Proposal (RFP) process to engage resources and negotiate details of various vendor contracts and deliverables.
- Monitor and track work of external vendors to ensure strict adherence to negotiated contracts and protocols.
- You have a BS or equivalent background in addition to 7 years experience in consumer or enterprise information security, product engineering, or applicable field.
- You have 2 years of experience in directly managing and mentoring a team bringing out the best in all of your direct reports.
- You have expertise in privacy and security trends and concerns in the development and deployment of connected products as well as with penetration testing techniques and risk/attack vector analysis
- Experience with network security analysis and penetration testing tools such as Kali, Wireshark, Burp, WiFi Pineapple, Metasploit, Shodan, Snipr, etc
- You have experience with smartphone and app analysis tools, such as Android Studio, Qark, Androwarn, Lumen
Bonus points for
- Experience with tool and web development, agile workflows, OSINT tools such as Buscador and developing training materials would be preferred.
Diversity, Inclusion, and Belonging at Consumer Reports
At CR, we believe our continued ability to understand and advance the interests of all American consumers is possible only if our staff fully reflects the full cultural, racial and ethnic diversity of those consumers.
Consumer Reports is committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity or expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or other class protected by applicable law. We are proud to be an equal opportunity workplace.