Experienced Lead of Product Secure Development Lifecycle and Regulatory Compliance

## \nCompany:\n\nQualcomm Technologies, Inc.\n\n## Job Area:\n\nEngineering Group, Engineering Group \u003e Security Engineering\n\nGeneral Summary:\n\nWe are seeking an experienced Product Security engineer to provide technical leadership and strength of execution across product security lifecycle for a diverse portfolio of products. This role will drive secure\u2011by\u2011design practices, product security risk reduction, and ensure that products and security processes meet both cybersecurity regulations across the globe and major international standards on cyber and product security.\n\nThe ideal candidate combines deep hands\u2011on product security expertise, regulatory compliance experience, and strong ability to drive cross\u2011functional execution, with proven ability to work effectively with engineering, product management and customers.\n\nKey Responsibilities:\n\nProduct Security Leadership\n\n * Translate applicable cybersecurity regulations and international cyber and product security standards into actionable product and engineering requirements.\n * Define, deploy, and continuously improve product security processes and controls, effectively and efficiently aligned with applicable cyber security regulations around the world and related international standards.\n * Serve as product security compliance authority, advising engineering, system architecture, and product teams on risk, mitigation strategies, and design tradeoffs.\n\n\n\nSecurity Engineering \u0026 Risk Management\n\n * Perform or guide threat modeling, security risk assessments for complex systems.\n * Drive secure design reviews, secure code review, vulnerability assessment, and security testing activities.\n * Provide expertise in one or more security domains, including hardware, trusted execution environments, exploit mitigation, or cloud/application security.\n\n\n\nTechnical Mentorship \u0026 Organizational Influence\n\n * Mentor junior engineer in threat analysis, secure design and implementation, and advanced security techniques.\n * Lead by influence across organizational boundaries rather than direct authority.\n * Represent product security perspectives in reviews with senior leadership and executive stakeholders.\n\n\n\nMinimum Qualifications:\n\n\u2022 Bachelor\u0027s degree in Engineering, Computer Science, or related field and 6+ years of Security Engineering or related work experience. \nOR \nMaster\u0027s degree in Engineering, Computer Science, or related field and 5+ years of Security Engineering or related work experience. \nOR \nPhD in Engineering, Computer Science, or related field and 4+ years of Security Engineering or related work experience.\n\nRequired Technical Expertise\n\nApplicants must have strong experience in product security and regulatory compliance, such as EU\u2019s Cyber Resilience Act (CRA).\n\n * Proven experience making products and product security processes compliant with cybersecurity regulations and international standards is required.\n * Experience leading or significantly influencing secure development lifecycle initiatives in larger organizations is highly preferred.\n\n\n\nIn addition, deep expertise in one or more of the following areas:\n\n * Threat modeling and security risk assessment\n * Secure code review, static/dynamic analysis, and vulnerability assessment\n * Hardware security\n * Platform security\n * Trusted execution environments (TEE)\n * Exploit mitigation techniques\n * Vulnerability management, including third\u2011party and open\u2011source components\n * Supply\u2011chain security\n\n\n\nLeadership \u0026 Management Skills\n\n * Demonstrated leadership of medium\u2011size engineering teams or major cross\u2011functional initiatives across diverse cultures and geographic locations.\n * Strong communication, collaboration, execution, and influencing skills, with the ability to work effectively with:\n * Senior and executive management\n * Product management and development teams\n * Compliance and operations stakeholders\n * Ability to balance technical depth with pragmatism, business impact, and product timelines.\n\n\n\nQualifications\n\n * Bachelor\u2019s degree in Computer Science, Computer Engineering, Electrical Engineering, or a related field (advanced degree preferred).\n * Extensive industry experience (7+ years) in product security.\n\n\n\nQualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail [email protected] or call Qualcomm\u0027s toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries).\n\nTo all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications.\n\nEEO Employer: Qualcomm is an equal opportunity employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or any other protected classification.\n\nQualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law.\n\nPay range and Other Compensation \u0026 Benefits: \n\n$180,000.00 - $270,000.00\n\nThe above pay scale reflects the broad, minimum to maximum, pay scale for this job code for the location for which it has been posted. Even more importantly, please note that salary is only one component of total compensation at Qualcomm. We also offer a competitive annual discretionary bonus program and opportunity for annual RSU grants (employees on sales-incentive plans are not eligible for our annual bonus). In addition, our highly competitive benefits package is designed to support your success at work, at home, and at play. Your recruiter will be happy to discuss all that Qualcomm has to offer \u2013 and you can review more details about our US benefits at this link.\n\nIf you would like more information about this role, please contact Qualcomm Careers.\n