Job Summary

Reporting to the Head of Product & Cloud Security, the Director of Product Security will be responsible for defining and upholding the highest standards of security within our product development lifecycle. This role involves maintaining accountability for our security posture, managing remediations, and developing a strategy to modernize our people, processes, and tools. The ideal candidate will possess a deep technical understanding of security principles and practices, along with a proven track record of leading security initiatives in a dynamic environment.

Job Requirements

Define Security Standards:

• Establish and maintain comprehensive security standards and policies for product development.
• Ensure these standards are integrated into the development lifecycle from design to deployment.

• Oversee the security posture of all products and ensure compliance with internal and external security requirements.
• Implement and manage security metrics to measure and report on the effectiveness of security controls.

• Develop and deliver regular reports on the security posture of our products to senior leadership and other stakeholders.
• Provide actionable insights and recommendations based on security assessments and metrics.

• Collaborate with cross-functional teams to identify, prioritize, and remediate security vulnerabilities in upcoming product releases.
• Ensure timely and effective resolution of security issues to meet release deadlines.

• Develop and execute a strategy to modernize the security capabilities of the organization, including people, processes, and tools.
• Stay abreast of emerging security technologies and trends, and incorporate them into the security strategy.

• Provide technical leadership and guidance on security architecture, design, and implementation.
• Conduct deep technical assessments and code reviews to identify and mitigate security risks.

• Foster a culture of security awareness and collaboration across the organization.
• Communicate complex security concepts to technical and non-technical stakeholders effectively

• Bachelor's or Master's degree in Computer Science, Information Technology, or a related field.
• 10+ years of experience in information security, with a focus on product security.
• Proven experience in defining and implementing security standards and practices.
• Strong understanding and innovative approach secure software development lifecycle (SSDLC) principles.
• Experience with security assessment tools and methodologies.
• Excellent problem-solving skills and the ability to work under pressure.
• Strong communication and leadership skills.
• Relevant certifications such as CISSP, CISM, or CEH are a plus.