Security Director, Engineering

About The Position

Requirements

• You exhibit Principal-level technical leadership with a proven track record of leading cross-team security initiatives through influence, clarity, and shipping real systems—not just policies.
• You have strong application security fundamentals such as: authn/authz, session security, secure API design, data protection, threat modeling, and secure SDLC practices.
• You are a practical risk manager, with the ability to prioritize, measure tradeoffs, and create guardrails that teams actually adopt.
• You have cloud & platform security experience such as: IAM concepts, secrets management, key management, service-to-service auth patterns, and logging/detection fundamentals.
• You have a DevSecOps and automation mindset and have experience integrating security checks into CI/CD with minimal developer friction.
• You exhibit depth in vulnerability management, knowing how to triage, develop remediation strategies, verify fixes, all while partnering with teams to close the loop quickly.
• You have excellent communication skills including concise, executive-ready writing and strong technical coaching abilities for engineers.

Nice To Haves

• Experience with streaming/media security and DRM ecosystems and output protection concepts.
• Experience with mobile and device ecosystems (iOS/Android/TV devices), including secure storage patterns and platform attestation.
• Familiarity with reverse engineering tools and client hardening/anti-tamper approaches.
• Exposure to privacy/security compliance partnerships (GRC) and working with legal/product on policy requirements.

Responsibilities

• Security execution at scale: Drive adoption of required controls across engineering by establishing clear engineering playbooks, paved paths, and secure-by-default platform capabilities that can be consistently adopted across services, regardless of engineering domain.
• Design-time security embedded in engineering workflows: Ensure threat modeling and security architecture considerations are built into how engineering designs and ships using approved patterns and reference architectures as the default starting point.
• Practical requirements shaping: When requirements are infeasible or disproportionately costly, you'll drive early escalation and propose alternatives (sequencing, compensating controls, platform changes) so we maintain momentum without accepting unmanaged risk.
• Cross-team alignment and escalation: Identify cross-domain architectural risks and drive resolution across teams, bringing the right stakeholders together and escalating when tradeoffs require executive judgment.
• Vulnerability closure and systemic risk reduction: Run the operating rhythm across engineering for vulnerability intake, triage, ownership assignment, remediation planning, verification, and escalation. Ensure timely fixes and eliminate repeat issue classes through platform/tooling improvements.
• Tooling integration and evidence readiness: Partner with engineering teams to integrate enterprise security tooling into CI/CD and production environments, and ensure engineering can reliably produce evidence of compliance in a low-friction, automated way.
• Incident readiness and closure: Improve security incident preparedness in engineering (runbooks, exercises, detection hooks) and ensure post-incident actions translate into durable engineering improvements.
• Partner with Global Security for execution: Serve as the primary engineering counterpart to Global Security, translating enterprise policies, controls, tooling, and compliance requirements into adoptable engineering practices and roadmaps, and feeding back where standards need better patterns, automation, or sequencing to scale.

Benefits

• Receive a great compensation package including salary plus performance bonus earning potential, paid annually.
• Flexible time off policies allowing you to take the time you need to be your whole self.
• Generous medical, dental, vision, STD, LTD, and life insurance
• Health Saving Account HSA program
• Health care and dependent care FSA
• 401(k) plan, with employer match
• Employer paid commuter benefit
• Support program for new parents
• Pet insurance and some of our offices are pet friendly!