Director/Sr. Director, Platform and Ecosystems Security

Director/Sr. Director, Platform and Ecosystems Security

Description -

We are seeking an experienced security leader to enhance our security maturity, implement effective security controls, and ensure process excellence. This leader will focus on security engineering, architecture, and operations across three key areas:

1. Improving the security maturity of manufacturing and operational technology (OT) while reducing supply chain risks.

2. Enhancing device security and meeting regulatory standards to maintain a competitive advantage.

3. Strengthening the security maturity of web applications, AI technologies, and cloud platforms.

This role is crucial for driving security initiatives within our cloud platform and application ecosystem. It also seeks to improve developer productivity and enhance customer experience. The leader will oversee a team responsible for reviewing and recommending secure architectures, code, and design patterns. Collaboration with product and engineering teams will be essential to promote secure and customer-centric product design.

The Role:

You will lead your team in driving cross-functional efforts to operationalize business objectives while minimizing cybersecurity risks.

• Oversee the planning, execution, and management of security architecture, secure coding, and application security activities across the chip-to-cloud platform.

 

• Manage team dynamics to attract, engage, and develop outstanding engineers through recruitment, mentoring, and training.

 

• Collaborate with cross-functional teams to create a strategic vision and roadmap for security systems and product suites.

 

• Establish a security architecture vision with relevant standards and frameworks.

 

• Implement and manage SAST, DAST, and penetration testing tools to enhance code and application security.

 

• Use security-by-design frameworks to integrate security controls that ensure confidentiality, integrity, and availability.

 

• Improve architectural governance for better transparency and quality of design activities.

 

• Develop and enhance the application security program.

 

• Define and implement security requirements for cloud-based applications.

 

• Strengthen data protection strategies throughout its lifecycle.

 

• Codify security principles and standards across the organization.

 

• Oversee planning and implementation of security controls for compliance with regulations.

 

• Promote DevSecOps practices and a shift-left approach to security.

 

• Lead initiatives in manufacturing/OT security and firmware security.

 

• Collaborate with product management and owners to execute on strategic visions and software roadmaps.

 

• Provide leadership and direction to achieve project milestones and deliverables. 

Qualifications:

• Bachelor's degree or equivalent industry experience, post Graduate degree a plus
• 10+ years of experience leading security teams, including 5+ years of experience in managing managers and teams.
• 10+ years of work experience architecting, developing, and launching product security programs and/or services; in-depth knowledge of system design and architecture and experience implementing a wide range of solutions
• Strong engineering experience is also essential to ensure that architectures can be successfully implemented while factoring in ease of integration, operational overhead and user experience
• Solid understanding of security protocols, cryptography, authentication, authorization, and security controls
• Cloud experience a must, preferably with multiple cloud providers (preferably AWS & Azure)
• Experience setting up secure build pipelines, CI/CD and familiarity with modern secure development practices and solutions (e.g., Jenkins, Gitlab, Bitbucket, etc.)
• A service-oriented mentality while driving excellence across the organization
• Strong organizational skills, both for yourself and the team
• Business acumen: Proven understanding of business dynamics, goals, and product strategy. Knowledge of how Security fits into HP’s overall business
• Excellent interpersonal skills with the ability to communicate effectively verbally and in writing with all levels within the organization, including both technical and non-technical personnel
• Certified in one or more of the following: CRISC, CISA, CISM, CISSP, SANS GIAC Security Certifications, ITIL, ISO27001

Who We Are

At HP, we believe in the power of ideas. We use ideas to put technology to work for everyone. And we believe that ideas thrive best in a culture of teamwork. That is why everyone – at every level in every function, is encouraged to think big, have original ideas and express and share them. We trust anything can be achieved if you really believe in it, and we will invest in your ideas to change lives and the way people work. This vision is what sets us apart as a company. At HP, we work across borders and without limits. Global virtual teams share resources, pool their big ideas to solve our biggest business opportunities. Everyone is valued for the unique skills, experiences and perspective they bring. That’s how we work at HP. And this is how ideas and people grow.

Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The typical base pay range for this role across the U.S. is $159,650.00 - $255,450.00 annually with additional opportunities for pay in the form of bonus and/or equity. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process.

Job -

Data & Information Technology

Schedule -

Full time

Shift -

No shift premium (United States of America)

Travel -

Relocation -

Equal Opportunity Employer (EEO) - 

HP, Inc. provides equal employment opportunity to all employees and prospective employees, without regard to race, color, religion, sex, national origin, ancestry, citizenship, sexual orientation, age, disability, or status as a protected veteran, marital status, familial status, physical or mental disability, medical condition, pregnancy, genetic predisposition or carrier status, uniformed service status, political affiliation or any other characteristic protected by applicable national, federal, state, and local law(s).

Please be assured that you will not be subject to any adverse treatment if you choose to disclose the information requested. This information is provided voluntarily. The information obtained will be kept in strict confidence.

If you’d like more information about HP’s EEO Policy or your EEO rights as an applicant under the law, please click here: Equal Employment Opportunity is the Law Equal Employment Opportunity is the Law – Supplement