Senior Director, Product Security

In this role, you will: 

• Define a clear vision and strategy for product security, together with product management, sales, and security teams, to drive the importance of product security in reducing risks and providing a competitive advantage. 
• Develop a short- and long-term security design roadmap to improve services, processes and agility. 
• Define, build, and scale product security capabilities. Develop a clear roadmap to outline all capabilities required product security targets and develop budgetary models between enterprise security and application security.
• Enforce governance over product security, which include security standards and implementation configurations, common security frameworks, cybersecurity principles to meet compliance, privacy laws and regulatory requirements. Define key performance and risk indicators to enhance transparency and tracking of development over time.
• Be a thought leader and provide direction with security practices and methodologies in product security – driving automation, best practices, and cost efficiencies.
• Develop and build a team of product security engineers to serve as the Center of Excellence around application security and work side by side with the product teams.
• Ability to foster a high performing team that can scale with the needs of the business, including attract and retain high-performing cybersecurity professionals on premises and in virtual working arrangements, grow and develop team members’ skillsets to keep pace with product iterations and ensure they are secure, and be accountable for team performance alongside empowering teams to deliver on strategic objectives effectively without micromanaging.
• Establish and implement a formalized Security Champion program and communication channels to drive a unified security voice and transparency across the enterprise.
• Promote a positive security culture focused on collaboration and creating strong relationships and trusted partnerships with product leadership and security champions across the portfolio of products aimed at improving product security practices and reducing cost.
• Adopt cybersecurity SDLC frameworks such as OWASP SAMM and SLSA, define/maintain policies and standards, and enforce them across all teams.
• Assess products for weaknesses and recommend ways to resolve them before they are exploited.
• Offer hands-on security and design support as needed across the product ecosystem.
• Serve as a central point of contact for product cybersecurity requirements, initiatives and escalations.
• Attend and participate in product meetings for security requirements with new and existing products
• Be accountable to keep product security initiatives within annual approved budgets.
• Proactively communicate security findings and recommend changes to the product ecosystem designed to mitigate security issues.
• Drive strategic initiatives and/or discrete projects on behalf of the CISO through communication and dashboards
• Perform other duties as assigned.

Your background:

• Bachelor’s Degree or equivalent from a college or university Information Technology, Information Security/Assurance, Engineering or similar area of study; demonstrated or proven experience and/or training; or equivalent combination of education and experience preferred.
• Preferably 5-plus years in a manager, director or similar leadership role in cybersecurity or app security with proven experience leading high-performing teams.
• Demonstrated technical prowess, well-versed with application security tools, public cloud providers, CI/CD platforms and container services.
• Proficient in application security, APIs, vulnerability management, threat modeling and risk management.
• Ability to support and assist with source code reviews: C/C++, Java,.NET- modern languages a plus.
• Successful track record of hiring and retaining cybersecurity professionals and multi-team collaboration.
• Experience managing an annual cybersecurity budget with expenses for internally developed, commercial and third-party tools.
• Exemplary leadership skills with experience guiding teams to prioritize and capture goals and objectives, grooming next leaders, and scaling the team for to meet business needs.
• Innate ability to forge relationships, influence and negotiation across a breadth of cross-functional teams and stakeholders of all levels in the organization, including executives. 
• Superb communication and marketing skills to effectively influence Security both internally and externally.
• Proven ability to make decisions and perform complex problem-solving activities under pressure. 
• Passion of staying up-to-date on the latest industry trends and news and the ability to leverage insights to drive strategic decisions and adoptions.
• Exceptional ability and previous experience measuring and reporting business value and risks in a clear concise manner for varying degrees of technical audiences
• Experience in driving change management and/or delivering employee training and awareness initiatives
• Experience working and delivering product or services in an agile/lean environment 
• Self-motivated, creative, and works well in areas of ambiguity

If this sounds like you and fits your experience and career goals, we’d be happy to chat.   What we offer in return is the opportunity to experience a great company culture with wonderful colleagues to learn from and collaborate with and also to enjoy:  

• Medical, dental, vision, life & disability, and financial benefits (including 401(k) retirement savings plan. Tuition Reimbursement program. Additional voluntary benefits including crucial illness/hospital indemnity, identity theft protection, auto & home insurance, legal, and pet insurance. 
• Competitive salary, bonus, and best-in-class Employee Stock Purchase Program (ESPP) with a 27-month lookback
• Flexible paid vacation time, paid day off for your birthday, and company holidays. A variety of leave plans, including Parental Leave.
• Employee Assistance Program (EAP) and an employee well-being program focusing on physical, mental, and financial health.