Director, Product Security

As passionate about our people as we are about our mission.

What We’re All About:

Q2 is proud of delivering our mobile banking platform and technology solutions, globally, to more than 22 million end users across our 1,300 financial institutions and fintech clients.  At Q2, our mission is simple: Build strong, diverse communities by strengthening their financial institutions. We accomplish that by investing in the communities where both our customers and employees serve and live.

What Makes Q2 Special?

Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our “Circle of Awesomeness” award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together.

The Job At-A-Glance: As the Director of Product Security, you will be responsible for overseeing the security of our financial software products from design to deployment. You will provide strategic leadership and direction for a team of security professionals, ensuring security standards and practices are embedded throughout the entire product development lifecycle. This role requires a mix of deep technical expertise, a solid understanding of security architecture, and strong leadership skills to guide teams through complex security challenges.

A Typical Day:

Security Architecture & Strategy:

• Design and implement security frameworks and solutions to safeguard our financial software products.

• Lead the security strategy for product development, ensuring alignment with industry best practices, regulatory compliance (e.g., GDPR, PCI-DSS), and organizational security goals.

• Build scalable security solutions for cloud-based environments (AWS, Azure, Google Cloud, etc.) and ensure integration into the development pipeline.

Leadership & Team Development:

• Lead, mentor, and develop a high-performing team of security engineers, analysts, and architects.

• Foster a collaborative environment and maintain a culture of security awareness across cross-functional teams including product development, engineering, and operations.

• Provide guidance and direction for the team to develop skills in emerging security threats, technologies, and practices.

Cloud Security:

• Oversee the implementation of cloud-native security best practices and secure cloud infrastructure in multi-cloud environments.

• Develop and enforce cloud security policies, identity and access management (IAM), vulnerability management, and threat detection systems in large cloud platforms.

• Security Risk Management & Incident Response:

• Identify and mitigate risks related to product security and ensure proactive security measures are in place.

• Lead incident response planning and drive root cause analysis of security breaches or vulnerabilities. Develop and maintain a comprehensive security incident response plan for products and cloud environments.

Collaboration & Stakeholder Engagement:

• Partner with product, engineering, and operations leadership to ensure that security considerations are part of product roadmaps and release cycles.

• Collaborate with other senior leaders in engineering, IT, and compliance to ensure unified approaches to product security across the company.

• Continuous Improvement & Innovation:

• Stay up-to-date with the latest developments in cybersecurity threats, industry trends, and emerging technologies to proactively address future security needs.

• Recommend improvements in processes and tools to increase the overall security posture and efficiency of the product development lifecycle.

Here's what we're looking for:

• Typically requires a Bachelor’s degree in cyber security or computer science and a minimum of 12 years of related experience; or an advanced degree with 8+ years of experience; or equivalent relevant work experience. 

• Typically requires 5-7 years managing and developing employees.

• Strong experience with security in large cloud environments (AWS, Azure, Google Cloud, etc.) and cloud security architecture.

• Proven experience in designing and implementing secure software architecture and understanding of secure software development lifecycle (SDLC).

• Hands-on experience with modern threat detection, vulnerability management, and cloud-native security tools.

Technical Skills:

• Expertise in security frameworks (e.g., NIST, ISO 27001, OWASP Top 10).

• Strong knowledge of encryption, identity and access management (IAM), and secure coding practices.

• Proficiency in cloud platforms (AWS, Azure, Google Cloud) and securing cloud-native applications, APIs, and microservices.

• Familiarity with container security, DevSecOps practices, and automation of security controls.

Leadership:

• Strong people leadership skills, with experience managing, mentoring, and developing high-performing teams.

• Excellent communication skills with the ability to explain complex security concepts to non-technical stakeholders.

• Strategic thinker with a proven track record of driving security initiatives in large-scale organizations.

#LI-ET1

This position requires fluent written and oral communication in English.

Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.

Health & Wellness

• Hybrid Work Opportunities

• Flexible Time Off 

• Career Development & Mentoring Programs 

• Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents 

• Community Volunteering & Company Philanthropy Programs 

• Employee Peer Recognition Programs – “You Earned it”

Click here to find out more about the benefits we offer.

How We Give Back to the Community:

You can learn more about our Q2 Spark Program, Q2 Philanthropy fund, and our employee volunteering programs on our Q2 Community page. Q2 supports dozens of wide-reaching organizations, such as the African American Leadership Institute, and The Trevor Project, promoting diversity and success in leadership and technology. Other deserving beneficiaries include Resource Center helping LGBTQ communities, JDRF, and Homes for our Troops, a group helping veterans rebuild their lives with specially adapted homes.

At Q2, our goal is to be a diverse and inclusive workforce that fosters mutual respect for our employees and the communities we serve. Q2 is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.