Director, Product Security Strategy and Enablement

IHGAtlanta, GA
$159,783 - $195,000Hybrid

About The Position

The Director, Product Security Strategy & Enablement is responsible for defining and operating the Product Security operating model and driving portfolio-level execution across the department. This leader translates Product Security strategy into scalable processes, governance, and execution — providing portfolio-level structure, visibility, and enablement so that work is prioritized, tracked, and reported consistently. Through standardization, automation, and AI-enabled capabilities, this role enables predictable delivery and measurable risk reduction across the program. This position sits within a unified Product Security department — established to address an accelerating, AI-driven threat landscape with enterprise-wide scope across corporate and hotel-managed environments. Reporting to the Head of Product Security, this role provides the connective operating discipline across the Vulnerability Management, Exposure Management, Application Security, and Remediation and Response functions, ensuring the organization operates cohesively as a whole rather than as separate workstreams.

Requirements

  • 10+ years of progressive security experience across multiple disciplines, technologies, or processes, including 5+ years establishing organizational structure and managing subordinate teams.
  • Substantial leadership-level experience across product and application security domains — vulnerability management, application and API security, exposure and attack-surface management, and remediation operations — with a thorough understanding of the software and system development lifecycle.
  • Expert in secure SDLC governance, security controls, and quality gates, with familiarity across the full lifecycle tooling ecosystem including SAST, SCA, DAST, secrets detection, API security, cloud posture, and attack-surface and asset-management tooling.
  • Demonstrated experience defining and operating an operating model — processes, governance, decision forums, and execution cadence — across multiple functions or workstreams, with strong portfolio and program management capability from conception through implementation (milestones, risks, success criteria).
  • Proven experience owning budgets, tool portfolios, statements of work, vendor contracts, and vendor performance, with general knowledge of budgeting, cost estimation, and scheduling; skilled at defining KPIs and metrics and driving maturity improvement with strong executive reporting.
  • Working knowledge of compliance and audit enablement for product-security-related controls (e.g., PCI, SOX), including evidence coordination and control monitoring, and familiarity applying automation and AI-enabled capabilities to scale security workflows.
  • Demonstrated effectiveness in executive presentation, escalation management, and leadership by influence — able to build relationships with senior technology and business leaders, adapt to multiple management styles, and communicate highly technical information clearly across all levels of the organization.
  • Proven change agent and team builder — result-focused, action-oriented, and able to manage changing priorities in a highly dynamic environment while leading, developing, and inspiring multi-disciplined teams.

Responsibilities

  • Set and operationalize Product Security strategy across people, process, and tooling — defining the roadmap, setting OKRs, and running planning, prioritization, and review cadences that translate strategy into execution.
  • Establish and operate the Product Security operating model — including documented processes, decision forums, decision rights, execution standards, and governance cadences across all workstreams.
  • Provide portfolio-level structure and executive visibility into outcomes — ensuring work across Vulnerability Management, Exposure Management, Application Security, and Remediation and Response is prioritized, tracked, and consistently reported through KPIs, leadership updates, and monthly and quarterly business reviews.
  • Own portfolio, budget, and vendor management — including budget forecasting, the security tool portfolio, renewals, statements of work, and vendor performance — in partnership with Finance and Procurement.
  • Define, enforce, and mature secure SDLC governance — establishing mandatory security requirements and quality gates across planning, design, build, release, and operate; governing threat modeling standards and integration; and managing exceptions, risk acceptances, compensating controls, and their expirations.
  • Lead continuous compliance and audit enablement for product-security-related controls — coordinating evidence, embedding and monitoring controls, and driving remediation of audit findings to closure.
  • Govern large and/or complex remediation programs — providing program-level structure, milestones, and escalation paths — and enable scale and efficiency through process standardization, automation, and AI-enabled capabilities that reduce manual effort and increase execution consistency.
  • Lead, coach, and develop the portfolio, programs, and compliance functions while partnering with Product Security leaders and cross-functional stakeholders across ETS, the broader Product and Technology organization, business information security officers, centers of excellence, Finance, and Procurement to align strategy, delivery, and measurement.

Benefits

  • impressive room discounts across our many properties
  • recharge days
  • volunteering days throughout the year
  • myWellbeing framework
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service