Senior Product Security Architect

About The Position

Requirements

• Bachelor’s degree in Information Security, Computer Science, or related field
• 8+ years of progressive experience in product security and/or cybersecurity
• Strong understanding of technical concepts: SAST, DAST, SCM, IdP, Kernel, Firmware, WAF, firewalls, IDS/IPS, SIEM, cloud security, etc.
• Knowledge of major frameworks: SOC 2, ISO 27001, GDPR, NIST, HIPAA, etc.
• Experience with cross-border regulatory compliance (especially EU data privacy)
• Legal authorization to work in the U.S. indefinitely is required.
• 5+ years of experience in product security, cybersecurity, and/or regulatory compliance

Nice To Haves

• Certifications such as CSSP, CEH, CISM, CISSP, CISA, CRISC are strongly preferred.
• Excellent verbal and written communication, able to liaise effectively with both technical and non-technical teams
• High emotional intelligence experience across cultures/time zones
• Experience in a high-growth tech environment or SaaS business
• Calm under pressure—especially during incidents or audits
• Familiarity with security considerations for AI/ML systems is highly desirable

Responsibilities

• Lead the design and implementation of secure architectures across products and services.
• Perform threat modeling, risk assessments, and architecture reviews to identify and mitigate risks.
• Proven experience in developing and implementing threat modeling programs (e.g., STRIDE, PASTA, DREAD).
• Demonstrable experience in securing cloud environments (e.g. AWS and Azure)
• Experience with defining and enforcing technical security standards and controls.
• Solid understanding of secure software development lifecycle (SSDLC) principles and practices.
• Partner with engineering teams to ensure secure coding practices and adoption of industry best practices
• Define and oversee the implementation of security testing, including SAST, DAST, and penetration testing.
• Ensure products comply with relevant security standards, certifications, and regulations (e.g., OWASP, NIST, ISO 27001, CIS, PCI DSS, ATT&CK, D3FEND, CIS, CSF, CAF.)
• Support product security incident response processes, including root cause analysis and mitigation strategies.
• Monitor emerging security threats, vulnerabilities, and trends to proactively investigate, remediate, and integrate new protections.
• Drive continuous improvement of product security posture by identifying gaps and implementing solutions.
• Develop and maintain security architecture documentation, guidelines, and framework
• Overseeing product infrastructure security, endpoint protection, and threat monitoring
• Maintain incident response plans and conduct simulations across U.S. and EU teams
• Oversee vulnerability management and phishing simulations
• Collaborate with internal and external stakeholders to enforce secure development lifecycle practices
• Evaluate and recommend new tools and platforms to support threat prevention, detection, and response
• Coordinate information security and data protection initiatives ensuring alignment with corporate goals
• Serve as a strategic partner to IT and Engineering teams on risk matters

Benefits

• Incentive Bonus Plans
• Medical, Dental, Vision benefits
• 401K with Company Match
• 10 Paid Holidays
• Generous Paid Time Off Packages
• Employee Stock Purchase Plan
• Paid Parental & Family Leave