-
Lead the development and implementation of security strategies for products, ensuring compliance with industry standards and internal security policies.
-
Perform risk assessments, threat modeling, and vulnerability analyses for new and existing products.
-
Collaborate with product development, DevOps, and QA teams to integrate security into the product lifecycle.
-
Oversee security testing, including penetration tests, code reviews, and system audits.
-
Investigate security incidents, provide root cause analysis, and define remediation plans.
-
Establish and maintain security metrics, reporting on product security posture to leadership.
-
Mentor and guide junior security engineers, providing technical leadership and knowledge sharing.
-
Stay up to date with emerging threats, attack vectors, and security technologies relevant to product security.
-
Develop and enforce security best practices and guidelines for product teams.
-
Bachelor's or Master's degree in Computer Science, Information Security, or related field.
-
12+ years of experience in information security, with a strong focus on product security.
-
Proven expertise in threat modeling, secure software development, and vulnerability management.
-
Hands-on experience with security testing tools, penetration testing, and code analysis.
-
Strong knowledge of security standards and frameworks (e.g., OWASP, NIST, ISO 27001).
-
Familiarity with cloud security, DevSecOps practices, and CI/CD pipeline integration.
-
Excellent problem-solving, analytical, and communication skills.
-
Leadership experience, including mentoring teams and managing security projects.
-
Ability to work collaboratively across multiple teams and influence product security strategy.