Director of Product Security Architecture

As the Lead Architect and Director of Product Security Architecture for Dematic you will be critical to the advancement of security throughout the company, enabling the success and growth of the business in an environment of increasing demands for comprehensive and robust product security. Under the Vice President of Global Product Security, you will provide strategic and expertly informed technical security leadership to the product development, execution, sales, and support organizations across Dematic. You will be responsible for defining a broad and detailed technical strategy for security that encompasses all Dematic products, including next-gen software solutions, existing software solutions, and operational technology solutions. You will play a crucial role in ensuring the development of truly secure products and the operation of those products in a robustly secure environment by providing best-in-class architectural guidance and vision, while passionately pursuing personal and organizational excellence in the field of security. You will collaborate with senior technology leadership and engineering teams to both define and implement the vision and strategy of the Product Security organization. You will inspire, guide, and support our development, execution, and customer-facing teams as they continuously progress toward greater maturity with respect to security knowledge and practice. You will be relied upon as an essential resource to proactively and efficiently defend our systems and data from attack, while ensuring that the security of our products meets and exceeds all relevant regulatory requirements. As an invaluable member of a highly collaborative organization that is dedicated to serving with the utmost in excellence and integrity, you will be ever growing in technical expertise and the skills necessary to equip our team to protect our organization, our customers, and our communities.

What we offer:

• Career Development
• Competitive Compensation and Benefits
• Pay Transparency
• Global Opportunities

Learn More Here: https://www.dematic.com/en-us/about/careers/what-we-offer

Dematic provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

The base pay range for this role is estimated to be $X-Y at the time of posting. Final compensation will be determined by various factors such as work location, education, experience, knowledge, and skills.

Tasks and Qualifications:

What You Will do in This Role:

• Provide strategic and expertly informed technical security leadership to globally distributed product development, execution, sales, and support organizations across Dematic.
• Define technical security strategy that encompasses all Dematic products, including next-gen software solutions, existing software solutions, and operational technology solutions.
• Collaborate with senior leadership to both define and implement the vision and strategy of the Product Security organization.
• Drive advancement of technical and operational capabilities necessary to implement a robust product security strategy – one that is worthy of the trust placed in us by our customers and business partners.
• Provide guidance and leadership for all efforts to build security into every aspect of Dematic’s product development lifecycle, for both software and operational technology.
• Perform technical security risk assessments of internally developed as well as third-party products and systems.
• Advise and educate development teams with respect to application, cloud, and product security best practices, security automation, and the proper use of third-party security products and services.
• Build and maintain high-trust, highly collaborative relationships with teams and individuals in product development, product management, corporate security and compliance, and across the organization in general.
• Mentor application, infrastructure, and operational technology security engineers, as well as security champions globally distributed throughout the company.
• Provide guidance in response to product security incidents.
• Continuously learn, keep abreast of, and evaluate industry trends/direction and technical developments in the product and cloud security domains, and deeply engage with industry leaders to inform and direct Dematic security technology strategy.
• Perform research into and present on relevant security technology, practices, and threats.
• Work closely with a team of security staff, in conjunction with product development, to ensure company products and services withstand all foreseen and reasonable attacks.
• Engage with product management, customer sales/support, and other functions as needed to further business development from a security perspective.
• Potentially engage with customers directly as required by project leadership.​

What We Are Looking For:

• Expert development skills (both backend and frontend) in multiple languages, platforms, and frameworks, including Java, Python, C, C++, C#, JavaScript, TypeScript, Node, React, and Golang.
• Expert knowledge of application and cloud security principles, patterns, and techniques, along with the ability to apply this knowledge to analyze complex software and hardware systems, architectures, and code to uncover weaknesses and vulnerabilities.
• Expert threat modeling skills.
• Expert knowledge of AWS, GCP and/or Azure security models and best practices.
• High proficiency in, and deep knowledge of, a very broad spectrum of cloud services and their characteristics in AWS, GCP and/or Azure.
• High proficiency in identity and access management technology, principles, and patterns.
• High proficiency in container-based / Kubernetes deployments, serverless architectures, and DevSecOps continuous deployment principles, practices, and philosophy.
• Proficiency in applied cryptography, including the full spectrum of methods, algorithms, uses, and patterns.
• Proficiency in the use of Burp Suite, Zed Attack Proxy, Kali Linux, or other OffSec platforms.
• Strong ability to recognize the relative value of various competing risk mitigation strategies and make wise, business-conscious tradeoffs.
• Highly flexible and comfortable making decisions in environments with various degrees of uncertainty.
• Preference for and ability to thrive in highly collaborative work environments.
• Passionate and quick learner.
• Self-driven, highly motivated, energetic and relentless pursuer of quality and successful outcomes that benefit the broader team, organization, and community.
• Resilient and ever optimistic in the face of challenges and significant obstacles.
• Strong ability to distill complex technical concepts and systems into clear and concise language that can be grasped by less technical and non-technical staff.
• Open and direct communicator.
• Outstanding written and spoken communication skills, including public speaking and presenting before engineering, business, and executive leadership.
• Highly capable of teaching and mentoring technical staff.