Director – Digital Product Security and Operations

About The Position

Requirements

• Undergraduate degree in computer science, engineering, or a related field (or 6 years equivalent work experience in digital technologies).
• 10+ years of relevant experience in leading digital product security, cloud security architecture, DevOps and operational support.
• Demonstrated experience leading global teams in cloud-native software development and delivery environments (AWS, Azure, Google Cloud).
• Mastery of automation tools and Infrastructure as Code (Terraform, Ansible, CloudFormation).
• Hands-on experience with CI/CD pipelines and tools
• Strong background in incident response, vulnerability management, and GRC processes.
• Experience collaborating with external partners, vendors, and cross-functional teams.
• Digital Product Mindset
• Collaboration/1-Team
• Cybersecurity
• Modern Cloud Native software development
• Driving Digital Innovation
• Continuous Improvement
• Operating From a Global Perspective
• Relationship Building

Nice To Haves

• Advanced degrees or certifications in cybersecurity, cloud security, or digital technology are highly desirable.
• Proven track record in achieving and maintaining compliance with SOC2, NIST, ISO27001, and similar standards.

Responsibilities

• Championing DevOps & Operational Support practices
• Identify and drive automation opportunities to streamline security and operational processes.
• Advocate for and implement Infrastructure as Code and automated security controls within CI/CD pipelines.
• Implementation of follow-the-sun operational support model
• Fostering Collaboration and Shared Ownership
• Break down silos between development, operations, and security team members.
• Promote open communication and cross-functional teamwork.
• Establish shared goals and accountability across teams.
• Technical Leadership & Security Architecture
• Design, develop, and oversee comprehensive security architectures for AWS Cloud environments.
• Familiarity and hands on experience integrating security solutions (e.g., GuardDuty, Security Hub, IAM, KMS, CSPM, SIEM, Wiz, Static code analysis tools like Mend) for holistic coverage.
• Lead the implementation of Infrastructure as Code using tools like Terraform.
• Continuous Learning and Improvement
• Foster a culture of experimentation, learning from failure, and continuous improvement.
• Invest in team training, certifications, and knowledge sharing.
• Stay updated with industry trends and emerging technologies.
• Security and Compliance
• Integrate security best practices into the DevOps lifecycle (DevSecOps).
• Lead security strategy for SOC2, NIST, ISO27001, and other regulatory certifications.
• Architect and oversee GRC processes, including risk assessments, policy development, and remediation tracking.
• Measurement and Data-Driven Decision Making
• Define and track key metrics to measure DevOps and security success.
• Use data to drive continuous improvement and optimize workflows.
• Incident Response & Vulnerability Management
• Develop and guide incident response plans, lead detection and investigation efforts, and coordinate timely resolution and root cause analysis.
• Architect vulnerability management programs, including regular assessments, penetration testing, and remediation.
• Security Awareness & Enablement
• Lead organization-wide security awareness initiatives and training.
• Foster a culture of security through strategic communication and enablement.
• Documentation & Reporting
• Define and maintain security architecture documentation, controls, incident records, and compliance activities.
• Prepare executive-level reports for stakeholders and leadership.

Benefits

• Medical, dental, life, vision, disability, 401(k), Employee Stock Purchase Plan, paid time off, and tuition reimbursement in addition to programs & benefits in support of your well-being.
• Discounts on Stanley Black & Decker tools and other partner programs.
• Competitive salary
• Comprehensive benefits plan
• Wellness program
• Retirement benefits
• Paid vacation, holidays & personal days
• Access to a wealth of state-of-the-art learning resources, including our Lean Academy and online university (where you can get certificates and specializations from renowned colleges and universities).