Director of Product Security

About The Position

Requirements

• Deep expertise securing SaaS platforms (AWS, Azure, etc.).
• Deep expertise of modern security practices for on-premises products and adapting on-premise products to SaaS platforms.
• Experience working with engineering teams in both Azure DevOps and GitHub.
• Strong experience building and leading vulnerability scanning and management programs for infrastructure, applications, and products, including risk-based prioritization, remediation workflows, and executive reporting.
• Hands-on experience enforcing SDLC practices with engineering teams and implementing DevSecOps processes, including CI/CD pipelines and threat modeling.
• 8+ years of experience in cybersecurity, with 5+ years in application security or product security leadership roles.
• Experience managing and mentoring high-performing, geographically distributed teams.
• Familiarity with compliance frameworks such as SOC 2, ISO 27001, NIST CSF, and related standards.

Nice To Haves

• Prior leadership experience in a SaaS or cybersecurity product company.
• Background in software development, systems engineering, or cloud architecture.
• Security certifications such as CISSP, CISM, CCSP, or CISA.
• Experience leading product security programs during periods of rapid growth, transformation, or M&A activity.

Responsibilities

• Lead and scale a globally distributed product security team of engineers and researchers.
• Serve as the strategic advisor for application and product security across all Netwrix offerings.
• Drive security architecture reviews, threat modeling, and secure SDLC practices across on-prem and SaaS product lines.
• Own and improve our security testing program, including static/dynamic analysis, SCA, fuzzing, and penetration testing.
• Coordinate vulnerability management programs across applications and products.
• Ensure appropriate prioritization of remediations and collaboration across Product Security, Product Management, and R&D.
• Publish product security advisories as needed.
• Collaborate with engineering teams to embed security into product design and operations, driving secure-by-default practices.
• Administer security education and training to engineering teams to reinforce secure coding practices.
• Ensure product security architecture meets compliance frameworks (e.g., SOC 2, ISO 27001).
• Collaborate with the broader Security Team on incident response readiness and exercises with respect to product-related security incidents.
• Represent product security’s interests in GRC and Customer Trust initiatives, including SOC/ISO audits and customer conversations.

Benefits

• Competitive Health Benefits
• Continuous Learning and Development Opportunities
• Team-Oriented, Collaborative, and Innovative Work Environment
• Regular Company Town Halls to Keep You Informed
• Opportunities for Career Growth and Advancement