VP, Product Security

About The Position

Requirements

• Bachelor’s degree in Computer Science, Engineering, Math or Physical Science
• 13 or more years of relevant work experience and leadership experience in applicable information security roles.
• Experience with various types of information security tools and controls.
• Clear and concise understanding of current security vulnerabilities and attacks.
• Experience evaluating and assigning risk levels to uncovered issues.
• Experience with the OWASP Top 10 and other Application Security issues.
• Extensive experience with network security design and protection, application development, application security issues, operating system security, hardening standards, and protection mechanisms.
• Extensive and diverse experience with the fundamentals of security devices (design and function).
• Ability to articulate the practical and technical application of the following standards: (ISO, PCI, FedRAMP and FISMA).
• Excellent verbal, written skills, and interpersonal skills with a demonstrated ability to support complex organizational relationships.
• Background and drug screen.
• Must be able to perform essential functions and physical requirements of position with or without reasonable accommodation.
• Candidates responding to this posting must independently possess the eligibility to work in the United States at the date of hire.

Nice To Haves

• Ten or more years of product, architecture, or cloud security experience within the financial sector.
• In-depth knowledge with public cloud service architectures such as AWS, Azure, and GCP.
• Certifications: CISSP, GCSA, CISM, CISA or equivalent.

Responsibilities

• Provides exceptional leadership in developing highly engaged, high-performance teams.
• Creates frictionless paths for engineering teams to securely build and deploy new products.
• Manages the development, deployment, and execution of controls and defenses to ensure the security and risk mitigation of developed products and digital payment systems.
• Identifies and designs cybersecurity architecture, goals, objectives, and performance metrics, including KRIs and KPIs; analyzes business needs and priorities for protection of critical systems.
• Establishes and implements appropriate product security standards for secure development, operations, and compliance.
• Leverages in-depth knowledge of threat modeling, secure software development lifecycle, cloud security, cryptography, authentication, and authorization design patterns.
• Leads cross-functional teams to architect, design, and deploy secure cloud services and application architecture.
• Leads purple team certifications for all products to ensure that products are designed with logging and monitoring capabilities adequate for detecting and responding to all potential cybersecurity events.
• Provides subject matter expertise and support for vulnerability audits and product incident response.
• Oversees the quality of code analysis, reporting, and resolution.
• Identifies issue trends and drives root cause resolutions.
• Evaluates potential business impacts from security breaches and provides strategic and tactical guidance to business decision-makers.
• Develops and executes security systems compliance policies and procedures.
• Prevents production vulnerabilities and ensures quick resolution of security testing findings, such as bug bounty, penetration testing, or audit findings.
• Interacts with customers, regulators, and auditors on a regular basis.
• Supports the company’s commitment to risk management and protecting the integrity and confidentiality of systems and data.

Benefits

• Competitive medical (PPO/HDHP), dental, and vision plans
• Company contributions to your Health Savings Account (HSA) or pre-tax savings through flexible spending accounts (FSA) for commuting, health & dependent care expenses.
• 401(k) Retirement Plan – Featuring a 100% Company Safe Harbor Match on your first 6% deferral immediately upon eligibility.
• Flexible Time Off for Exempt (salaried) employees, as well as generous PTO for Non-Exempt (hourly) employees.
• 11 paid company holidays
• Paid volunteer day
• 12 weeks of Paid Parental Leave
• Maven Family Planning – provides support through your Parenting journey including egg freezing, fertility, adoption, surrogacy, pregnancy, postpartum, early pediatrics, and returning to work.