Head of Product Security- Tempe, Az., Sandy, Ut. Santa Clara, Ca., Austin, Tx.
The Head of Product Security will be responsible for all aspects of The BANKs Product Security Program, a corporate-wide initiative that supports THE BANKs business units in delivering best in class, secure software products to customers. In this role, you will set program strategy, manage security engagements with THE BANK business units, and maintain key relationships with THE BANKs product/application engineers. Working with other leaders you will help define and build product security capabilities. This position will be part of THE BANKs Global Security Organization and will report to the Chief Security Officer (CSO).
Key Responsibilities:
- Chair the BANK Product Security Working group, a cross-functional network of THE BANKs product security stakeholders: including engineers, security professionals, and software product managers.
- Maintain the strategic roadmap for THE BANK’s product security initiatives and measure program effectiveness.
- Lead the application security team, solely responsible for developing strong cross-team relation with Product and Technology organization, ensuring alignment, proactive work with stakeholders, and assist with aligning business needs with security requirements.
- Develop technical programs, such as Security Development Lifecycle (SDL) enhancement and implementation, product/application security testing, product certification, and product security incident response coordination.
- Lead product security engagements end-to-end by coordinating security assessments, remediation planning, and secure development integration activities.
- Establish and maintain relationships with THE BANKs software engineers and product teams to collect requirements for product/application security capabilities and projects.
- Coordinate with Technology and Product teams on product security strategy and initiatives.
- Partner with the the BANKs Training and Engineering teams to improve and expand guidance, education, and tools for software engineers.
- Consult with THE BANKs Labs, product teams and software engineers on threat modeling, secure software design, product security assessments, and remediation of software vulnerabilities.
- Ensures all standards are adhered to throughout project execution.
- Manage budgets and contracts associated with the product/application security team.
- Maintain effective working relationships with peers to seamlessly integrate new assessment services with overall objectives and activities.
- Coordinates internal and external communication, issue resolution, vendor relationships, testing plans, training plans, and successful transition to additional security teams.
Required Experience/Skills & Education:
- Extensive experience in product/application security, software development lifecycle (SDL) Implementation, secure coding standards, and managing end-to-end security functions within a technology company.
- Extensive knowledge of information and physical/application security issues and challenges.
- 10-15 years of working experience with information security technologies and solutions.
- Direct experience working with Large Financial Institution (LFI) to aligned with regulatory guidance in areas around Information Technology, Cybersecurity, Data Management, or Operational Resilience.
- A strong team player with excellent analytical and consultative skills.
- Organizational skills with attention to task details, documentation, and target dates.
- Strong written, oral, and interpersonal communication skills.
- Team orientated, willing to share knowledge and collaborate with peers.
- College diploma or university degree in the field of computer science or engineering and/or equivalent work experience.