Sr. Director, Product Security

About The Position

Requirements

• Typically requires a Bachelor’s degree in Cyber Security or Computer Science and a minimum of 15 years of related experience; or an advanced degree with 12+ years of experience; or equivalent relevant work experience.
• Typically requires 7+ years managing and developing employees.
• Experience in scaling software engineering, cloud architecture, or infrastructure engineering teams in a high available environment
• Proven ability to lead senior technical teams and cross-functional initiatives
• Strong communication skills across engineers, executives, auditors, regulators, and customers
• Applicants must be authorized to work for any employer in the U.S.
• This position requires fluent written and oral communication in English.

Nice To Haves

• Experience in regulated industries (financial services, fintech, payments, or similar) strongly preferred
• Familiarity with regulatory expectations and audits related to security and risk
• Experience influencing outcomes in matrixed organizations
• Certifications such as CISSP, CISM, or cloud security certifications are a plus

Responsibilities

• Product Security Leadership & Engineering Partnership Define and translate security requirements into practical, scalable engineering or product roadmap guidance amongst our Digital Banking products and services
• Champion Embedded security-by-design into product architecture, secure coding practices, CI/CD pipelines, and cloud-native platforms
• Partner with engineering leadership to drive DevSecOps adoption and measurable security outcomes
• Product Security Incident Response & PSIRT Own and mature the Product Security Incident Response Team (PSIRT) function
• Lead vulnerability intake, triage, remediation, and coordinated disclosure processes
• Working with infrastructure, evolve emergency patch/config release process
• Drive post-incident learning through root-cause analysis and systemic improvements
• Partner with Legal, Communications, and Customer teams during high-impact security events
• Product Integrity, Abuse & Threat Modeling Ensure products are resilient against business logic abuse, misuse, fraud, and adversarial behavior
• Lead threat modeling for new products, features, and AI-enabled capabilities
• Collaborate with Fraud, Risk, and Trust teams to address cross-functional threats
• Champion secure architecture reviews at design and pre-launch phases
• AI & Agentic AI Security Governance Partner with architecture to oversee security standards and defense response program for AI and agentic AI systems
• Ensure secure model development, deployment, and inference pipelines
• Address AI-specific risks including: Prompt injection and jailbreaks Training data poisoning and leakage Model extraction and inversion Agent autonomy, identity, and privilege boundaries
• Lead AI red-teaming and adversarial testing efforts
• Align AI security practices with emerging regulatory and risk frameworks
• Security Operations & Engineering Enablement Provide oversight and technical leadership across: Application Security SOC and detection engineering Red, blue, and purple team programs Penetration testing and continuous assurance
• Ensure logging, monitoring, and telemetry are fully integrated into engineering workflows
• Drive automation and scalability across security operations

Benefits

• Health & Wellness
• Hybrid Work Opportunities
• Flexible Time Off
• Career Development & Mentoring Programs
• Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents
• Community Volunteering & Company Philanthropy Programs
• Employee Peer Recognition Programs – “You Earned it”