Product Security Compliance Manager

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Computer Information Systems, or a related field
• 4–6 years of experience in product security, security compliance, risk management, or trust-related roles
• Experience supporting engineering teams through ITAR, FedRAMP, and/or GovCloud compliance or certification efforts
• Knowledge of Secure Software Development Lifecycle (SSDLC) processes and best practices
• Understanding of information security risks and controls across application, data, infrastructure, and enterprise systems, preferably in cloud or hybrid environments (e.g., AWS)
• Familiarity with security and privacy frameworks and regulations such as SOC 2, NIST SP 800-53, ISO/IEC 27001, GDPR, and CCPA.
• Experience working with engineering and security teams in a matrixed organization
• Strong communication, organizational, and documentation skills
• Desire to continue to learn and challenge yourself
• Able to travel as required (less than 25%)

Nice To Haves

• CISSP, FedRAMP Practitioner, or CCSP certification
• Experience working with desktop software and cloud-connected or hybrid products
• Familiarity with regulated environments, data residency, or regionalization requirements
• Experience supporting audits, penetration testing, or vulnerability management programs

Responsibilities

• Partner with Product Security Developers, security, product, and engineering teams to align security and privacy requirements with product architecture across desktop, hybrid cloud, and cloud-based products
• Lead and coordinate regulated compliance efforts such as ITAR and FedRAMP (including GovCloud deployments), supporting engineering teams through readiness, assessment, authorization, and ongoing compliance
• Translate regulatory, audit, security, privacy, resiliency, and Trusted AI requirements into clear, actionable guidance for product and engineering teams
• Collaborate across organizational boundaries with the corporate Trust organization to ensure alignment with enterprise trust standards, objectives, and reporting
• Lead cross-functional working groups for trust excellence and product certifications, participate in regionalization working groups, and contribute to continuous improvement initiatives
• Support the implementation and ongoing maintenance of internal Trust requirements, aligned with SOC 2, ISO/IEC 27001, and NIST SP 800-53–aligned controls
• Track and report on product trust commitments across security, privacy, availability, resilience, and recoverability
• Coordinate audits, government assessments, and customer security or compliance reviews
• Support security testing activities, security awareness efforts, incident response follow-up, business continuity considerations, and trust documentation

Benefits

• From health and financial benefits to time away and everyday wellness, we give Autodeskers the best, so they can do their best work.
• Learn more about our benefits in the U.S. by visiting https://benefits.autodesk.com/