Security Champion
| Delegator | Team |
|---|---|
| Role Keepers | Designated team members |
| Contact | |
Purpose
The Security Champion is a secondary role for anyone who is interested in security, privacy, and/or compliance. The Security Champion is the interface between teams and the central security organization. A Security Champion drives security-related topics within their team, but they are not alone: the CISO and the Security Captain will provide the Security Champion with resources to bring more security culture into the teams.
Key Responsibilities
List the essential responsibilities assigned to this role.
- Acts as an interface between the CISO and the team to raise issues in both directions
- Has an up-to-date overview of the current security risks
- Helps the team to prioritize security-relevant tasks
- Drives security initiatives within the team
Stakeholders and Key Deliverables
Whom does this role deliver value to, and what do they need from this role?
- CISO
  - Serve as a primary contact for the CISO
  - Deliver regular security reports
- Team (including Product Owner)
  - Provide regular input to prioritize plannable work regarding security
  - Help the team identify security issues (for example through activities / exercises)
  - Keep track of team-related security risks
Dependencies
Who and what does this role depend on?
- CISO
  - General guidance
- Security Captain
  - Educational resources and training
  - Pre-defined activities / exercises the Security Champion can do with the team
  - Advice on coaching the team