Director Product Security, Edge Protection

About The Position

Requirements

• Bachelor’s degree in computer science, cybersecurity, information systems, engineering, or a related field.
• 7+ years in IT, cybersecurity, cloud/edge security, or product/application security, with significant hands-on experience in DLP technologies (endpoint, email, web).
• Demonstrated expertise in DLP policy development, monitoring, tuning, and incident response.
• Experience with DNS, TLS, CDN, WAF, website security, and external digital asset protection.
• Proven leadership in domain portfolio governance, registrar/vendor management, and global domain lifecycle operations, with a focus on data protection.
• Experience operating enterprise-scale ASM and Secure Systems Development Lifecycle programs.
• Experience collaborating with Global Security, Legal, Marketing, and Corporate Affairs leadership.
• Experience leading global teams or cross-functional security programs, with a strong DLP orientation.
• Deep technical expertise in DLP policies, monitoring, tuning, and incident response.
• Strong knowledge of DNS, domain governance, TLS, CDN/WAF platforms, and public cloud hosting patterns (AWS preferred).
• Expertise in website security, OWASP Top 10, CI/CD pipeline integration, bug bounty workflows, and external threat analysis, with a focus on data protection.
• Strong executive communication and stakeholder alignment capabilities, especially in articulating DLP strategy and business impact.
• Ability to translate complex cyber risk—especially data loss risk—into actionable business decisions.
• Strong financial management skills, including budgeting and vendor negotiation for DLP and edge protection solutions.
• Accountability
• Accountability
• Application Security
• Applied Engineering
• Attack Surface Analysis
• Business Decisions
• Client Relationship Building
• Communication
• Conflict Resolution
• Cybersecurity Risk Management
• Data Integrity
• Data Loss Prevention (DLP)
• Executive Communications
• Financial Acumen
• Financial Management
• IT Security Operations
• Leadership
• Operational Technology (OT) Security
• Persuasion
• Security Operations
• SLA Management
• Stakeholder Communications
• Strategic Planning
• Team Leadership
• Technical Advice

Nice To Haves

• Master’s degree preferred.
• Advanced certifications in DLP, cybersecurity, or information protection.

Responsibilities

• Lead the end-to-end operating model for enterprise DLP, including policy design, deployment, monitoring, and tuning, across endpoint, email, web, and external digital assets.
• Own domain lifecycle management, edge protection, WAF engineering, secure external SDLC, external attack surface management, DDoS readiness, registrar/vendor management, data integrity, and M&A domain integrations, with DLP controls embedded throughout these processes.
• Drive continuous improvement in DLP effectiveness, collaborating with business units to align data protection strategies with enterprise risk and compliance requirements.
• Integrate DLP with DNS, TLS, CDN, WAF, website security, and external digital asset protection to ensure holistic coverage and minimize data exfiltration risks.
• Operate enterprise-scale website Attack Surface Management (ASM) with a strong emphasis on identifying and mitigating data leakage vectors.
• Partner with Legal, Marketing, and Corporate Affairs to ensure DLP policies support regulatory, reputational, and business objectives.
• Lead global teams and cross-functional security programs, prioritizing DLP maturity and operational excellence.