Key Responsibilities:
Strategic Leadership & Vision:
- Define and execute a multi-year Product Security strategy shifting from reactive patching to proactive resilience.
- Build a Security Champions program to decentralize security ownership across engineering teams.
- Translate complex technical risks into business impact for the C-suite and Board, positioning security as a business enabler.
Technical Excellence (Shift-Left & Shield-Right):
- Architect and govern the secure SDLC, integrating SAST, DAST, and SCA tools into automated CI/CD pipelines (GitHub, GitLab, Jenkins).
- Lead Red Teaming, vulnerability assessments, and penetration testing (VA/PT) for Web, Mobile, and Network platforms.
- Manage cloud security posture across AWS, Azure, and GCP using CSPM tools to prevent drift and misconfigurations.
- Serve as the final authority on security architecture reviews for high-impact product features.
Operational & Financial Management:
- Track metrics, KPIs, and SLA compliance to drive accountability in vulnerability remediation.
- Manage OpEx/CapEx budgets, negotiate with global vendors, and optimize security tooling.
- Lead hiring, mentorship, and annual performance reviews for a global team of security engineers and researchers.