Product Security Director

United States - Remote


We are seeking a highly skilled and experienced Product Security Director to spearhead our security efforts to augment and fortify our products and runtime environments. You will play a critical leadership role in overseeing the design, implementation and maintenance of security controls for Omilia’s products, services, development and cloud infrastructure.

You will build trust through honesty and collaborate closely with cross-functional stakeholders in engineering, product, DevOps and other business units. You will oversee the integration of security controls and best practices within the platform, products/services, cloud infrastructure and code stack against current and evolving threats.

Your leadership will be instrumental in enhancing security best practices throughout the development and operations pipeline, ensuring a secure and scalable product environment. You will also drive the development and implementation of a comprehensive product security program across our cloud-based applications.

Trusted Advisor: Primary cyber security contact for Product Owners, DevOps / Software Engineers, etc. Leads the Cyber product security analysts and participates in squad team planning and sprint activities as a trusted advisor. You will collaborate closely with engineering, development and product teams to integrate security practices into every stage of the product lifecycle and ensure security and privacy are built by design.

Lead Security Initiatives: Guides and oversees the integration of security controls and best practices within the software development lifecycle. Leads the initiative of implementing security and data privacy in every phase of SDLC and participates in security audits and security risk assessments. 

Compliance: Ensures the company’s products meet and exceed compliance with industry regulations and standards, including PCI DSS, ISO 27001, GDPR and other relevant frameworks. Ensures compliance with Policies and Standards across the assigned Product and Delivery teams and provides recommendations for improvement in alignment with information security and data protection policies and best practices.

SSDL: Leads and contributes to SSDL training, standards and procedures documentation with regard to SDLC (for internal use, as well as for publication).

Incident Response: Leads the product security incident response process, including identifying, analyzing and remediating security vulnerabilities and incidents in production systems.

Tooling & Automation: Identifies opportunities for augmenting security tooling, including application security testing tools, vulnerability management solutions and security automation pipelines.

Mentorship and Training: Builds and leads a high-performing security team, offering guidance, mentoring and development opportunities. Further educates internal teams on security awareness and secure development practices.

Elevating Security Awareness: Proactively elevates security awareness, ensuring stakeholders are informed of significant security risks, secure coding best practices and achievements. Presents security status and potential business impacts as necessary.

Engagement with CISO: Regularly meets with the Chief Information Security Officer (CISO) to discuss key security challenges, achievements and opportunities, align on strategic goals and escalate potential risks or issues that may impact the product or organization.

Requirements

  • Extensive experience (7+ years) in product security, application security, or related fields with at least 3 years in a leadership or management role.
  • Excellent communication and interpersonal skills, with the ability to articulate complex security concepts to technical and non-technical audiences.
  • Excellent communication and stakeholder management skills, with the ability to influence security initiatives across cross-functional teams.
  • Deep understanding of DevSecOps practices, Secure Software Development Lifecycle (SSDL), application security principles and best practices (OWASP).
  • Expertise and understanding of PCI DSS, ISO 27001, GDPR and other security frameworks and standards.
  • Strong knowledge of security tools for static and dynamic analysis (SAST/DAST), vulnerability scanning, penetration testing and code review.
  • Hands-on experience with threat modeling and vulnerability management.
  • Strong understanding of cloud security across CSPs, as well as containerization and microservices security.
  • Proven ability to define and implement security processes that align with business goals while mitigating risk.
  • Experience working in an agile development environment.
  • Strong verbal and written communication in English.
  • Flexibility with working hours to accommodate collaboration with international teams.

Nice to have 

  • Bachelor’s or Master’s degree in Computer Science or Information Security.
  • Security certifications (e.g., CISSP, CSSLP, CCSP, AWS Solutions Architect, AWS Certified Security). 
  • Excellent understanding of AI & contact center industries.

Benefits

  • Fixed compensation;
  • Long-term employment with the working days vacation;
  • Development in professional growth (courses, training, etc);
  • Being part of successful cutting-edge technology products that are making a global impact in the service industry;
  • Proficient and fun-to-work-with colleagues;
  • Apple gear.

Omilia is proud to be an equal opportunity employer and is dedicated to fostering a diverse and inclusive workplace. We believe that embracing diversity in all its forms enriches our workplace and drives our collective success. We are committed to creating an environment where everyone feels welcomed, valued, and empowered to contribute their unique perspectives. All eligible candidates will be given consideration for employment without regard to factors such as race, color, religion, gender, gender identity or expression, sexual orientation, national origin, heredity, disability, age, or veteran status.


Tags: Agile Application security Audits Automation AWS CCSP CISO CISSP Cloud Compliance Computer Science CSSLP DAST DevOps DevSecOps GDPR Incident response ISO 27001 Microservices OWASP PCI DSS Pentesting Privacy Product security Risk assessment SAST SDLC Vulnerabilities Vulnerability management

Perks/benefits: Career development Startup environment

Regions: Remote/Anywhere North America
Country: United States
