Sr. Director, Product Security

Q2Austin, TX
61dHybrid

About The Position

As passionate about our people as we are about our mission. Why Join Q2? Q2 is a leading provider of digital banking and lending solutions to banks, credit unions, alternative finance companies, and fintechs in the U.S. and internationally. Our mission is simple: build strong and diverse communities through innovative financial technology—and we do that by empowering our people to help create success for our customers. What Makes Q2 Special? Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our “Circle of Awesomeness” award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together. The Job At-A-Glance: We are seeking a Senior Director of Product Security to lead and scale our product security, PSIRT, and product integrity capabilities across a modern, cloud-native, and AI-enabled technology platform. This leader will work directly with Product and Engineering leadership to embed security while ensuring our products remain resilient against real-world adversaries, abuse, and emerging AI-driven threats. This role serves as the primary technical bridge between Security, Products and Engineering, owning secure and defense by design scanning and prioritization, vulnerability and product incident response. The leader in this role will also partner with architecture to secure the use and development of AI and agentic AI solutions. The Senior Director Of Product Security will also act as a deputy to the CISO, providing technical depth during product incidents and serving as a potential succession our CISO.

Requirements

  • Typically requires a Bachelor’s degree in Cyber Security or Computer Science and a minimum of 15 years of related experience; or an advanced degree with 12+ years of experience; or equivalent relevant work experience.
  • Typically requires 7+ years managing and developing employees.
  • Experience in scaling software engineering, cloud architecture, or infrastructure engineering teams in a high available environment
  • Proven ability to lead senior technical teams and cross-functional initiatives
  • Strong communication skills across engineers, executives, auditors, regulators, and customers
  • Applicants must be authorized to work for any employer in the U.S.
  • This position requires fluent written and oral communication in English.

Nice To Haves

  • Experience in regulated industries (financial services, fintech, payments, or similar) strongly preferred
  • Familiarity with regulatory expectations and audits related to security and risk
  • Experience influencing outcomes in matrixed organizations
  • Certifications such as CISSP, CISM, or cloud security certifications are a plus

Responsibilities

  • Product Security Leadership & Engineering Partnership Define and translate security requirements into practical, scalable engineering or product roadmap guidance amongst our Digital Banking products and services
  • Champion Embedded security-by-design into product architecture, secure coding practices, CI/CD pipelines, and cloud-native platforms
  • Partner with engineering leadership to drive DevSecOps adoption and measurable security outcomes
  • Product Security Incident Response & PSIRT Own and mature the Product Security Incident Response Team (PSIRT) function
  • Lead vulnerability intake, triage, remediation, and coordinated disclosure processes
  • Working with infrastructure, evolve emergency patch/config release process
  • Drive post-incident learning through root-cause analysis and systemic improvements
  • Partner with Legal, Communications, and Customer teams during high-impact security events
  • Product Integrity, Abuse & Threat Modeling Ensure products are resilient against business logic abuse, misuse, fraud, and adversarial behavior
  • Lead threat modeling for new products, features, and AI-enabled capabilities
  • Collaborate with Fraud, Risk, and Trust teams to address cross-functional threats
  • Champion secure architecture reviews at design and pre-launch phases
  • AI & Agentic AI Security Governance Partner with architecture to oversee security standards and defense response program for AI and agentic AI systems
  • Ensure secure model development, deployment, and inference pipelines
  • Address AI-specific risks including: Prompt injection and jailbreaks Training data poisoning and leakage Model extraction and inversion Agent autonomy, identity, and privilege boundaries
  • Lead AI red-teaming and adversarial testing efforts
  • Align AI security practices with emerging regulatory and risk frameworks
  • Security Operations & Engineering Enablement Provide oversight and technical leadership across: Application Security SOC and detection engineering Red, blue, and purple team programs Penetration testing and continuous assurance
  • Ensure logging, monitoring, and telemetry are fully integrated into engineering workflows
  • Drive automation and scalability across security operations

Benefits

  • Health & Wellness
  • Hybrid Work Opportunities
  • Flexible Time Off
  • Career Development & Mentoring Programs
  • Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents
  • Community Volunteering & Company Philanthropy Programs
  • Employee Peer Recognition Programs – “You Earned it”
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service