The company I work for just started a security champion program and my boss asked me to become one.
He didn’t know much about what the roles and responsibilities will be. All he could say is that I’ll be the go-to guy for the security team in our dev team and vice versa.
I did some reading; the main pillars of the roles are:
1. Being the R&D rep in security reviews, raising the issues that require review
2. Making sure that the security program defined by the security team is properly implemented, including deploying and configuring security tools
How does it work in your organizations?
How can a security champion stay up to date with all the changes that require security attention?