Vice President, Product Security

We are seeking an experienced and highly skilled Vice President of Product Security to join our Global Product & Solutions organization. This senior-level leadership role is responsible for establishing and maintaining a comprehensive product security program, ensuring the security of our software products and all operational technology, including Programmable Logic Controllers (PLCs). As the VP, you will be responsible for establishing and maintaining a robust product security program to safeguard our software products and protect our customers' data and privacy. This is a senior-level leadership role that requires a strong background in product security, risk management, and regulatory compliance. Additionally, the VP will work closely with the Chief Information Security Officer (CISO) and their organization to align product security initiatives with the broader information security strategy of the company.

You and your team will work closely with cross-functional teams to ensure that security is embedded throughout the product development lifecycle. The VP will be responsible for creating a Security Operations Center (SOC) to monitor all security aspects of the product environment and will be the primary point of contact for security incident response. This role will also ensure compliance with relevant regulations such as GDPR, NIS-2, the EU Cyber Resilience Act, and other relevant legislation.What we offer:

Responsible for product security for the world’s largest warehouse automation provider at ~3B Euros in annual revenue
Responsible for product security for solutions installed at over 8,000 customers worldwide running some of the most high-volume, mission critical supply chains in the world with extremely stringent uptime and security requirements
Responsible for product security for solutions used by many global or fortune 500 companies
Given the rapid growth in cyber security threats, data protection requirements, and the increased complexity in our product and technology offerings such as SaaS, OT, and artificial intelligence the need for an experienced leader with the expertise to put in place a comprehensive program to ensure product security across our complex landscape is more critical than ever to ensure we protect both our customers and the company
Develop and implement a comprehensive product and operational technology security strategy, policies, and procedures that align with industry best practices and regulatory requirements, integrating these with the company's overall information security framework led by the CISO
Collaborate closely with the CISO and their team to align security practices across software products and operational technology systems, ensuring a unified approach to cybersecurity
Participate in joint initiatives with the CISO's organization to address broader security concerns and leverage collective expertise
Lead and manage a team of product security professionals, providing mentorship, guidance, and support in their day-to-day activities
Collaborate with product development and operational technology teams to embed security practices into the lifecycle of both software and hardware components, from design to deployment
Oversee the integration of operational technology security into the company's existing cybersecurity framework, addressing unique challenges and standards relevant to industrial control systems
Conduct thorough security assessments and risk analysis for new and existing products and operational technologies, identifying vulnerabilities specific to software, hardware, and PLCs
Stay updated on the latest security threats, vulnerabilities, and industry trends to proactively address emerging risks and enhance the security posture of our products
Work closely with legal and compliance teams to ensure compliance with relevant data protection and privacy regulations, such as GDPR, CCPA, and HIPAA
Develop and maintain specialized training programs and awareness campaigns addressing the unique security needs of operational technology and PLCs
Establish and maintain relationships with external security experts, vendors, and partners to leverage their expertise and stay abreast of the evolving threat landscape
Collaborate with customer-facing teams to address customer inquiries, concerns, and security-related incidents promptly and effectively
Oversee the implementation and maintenance of security controls, technologies, and tools, such as vulnerability scanners, penetration testing, and secure coding practices
Conduct regular security audits and assessments to identify gaps, recommend improvements, and ensure ongoing compliance with industry standards
Prepare and deliver executive-level reports and presentations on the state of product security, key metrics, and progress towards security goals
Foster a culture of security awareness and education within the organization through training programs, workshops, and awareness campaigns
Establish and maintain a Security Operations Center (SOC) to monitor all security aspects of the product environment
Ensure compliance with relevant regulations impacting both software and operational technology, such as GDPR, NIS-2, the EU Cyber Resilience Act, and industry-specific standards like ISA/IEC 62443
Lead and respond to security audits ensuring compliance and continuous improvement in security practices
Provide comprehensive security updates to Dematic executive leadership and the board of directors, including security efforts, achievements, and strategic plans
Tasks and Qualifications:

Bachelor's or Master's degree in computer science, information security, or a related field. Relevant certifications (e.g., CISSP, CISM, CSSLP) are highly desirable
Proven experience (8+ years) in product security, cybersecurity, or a related field, with a track record of successfully leading security initiatives in a SaaS environment
In-depth knowledge of security frameworks, standards, and best practices, such as ISO 27001, NIST Cybersecurity Framework, OWASP Top Ten, and secure software development practices (e.g., SDL, DevSecOps )
Strong understanding of cloud -based infrastructure, web application security, network security, encryption, authentication, and access control mechanisms
Familiarity with relevant data protection and privacy regulations (e.g., GDPR, CCPA) and their implications for SaaS products
Experience in managing and leading a team of security professionals, including hiring, performance management, and professional development
Excellent communication and interpersonal skills, with the ability to effectively collaborate with technical and non-technical stakeholders at all levels of the organization
Proven analytical and problem-solving abilities, with the ability to think strategically and make sound decisions in a fast-paced environment
Strong project management skills, with the ability to prioritize tasks, manage multiple projects simultaneously, and meet deadlines
Demonstrated commitment to ongoing learning and professional development in the field of product security
The pay range for this role is estimated to be $200,000.00 - $300,000.00 at the time of posting and will be eligible for incentive compensation in accordance with company practices. Final compensation will be determined by various factors such as work location, education, experience, knowledge, and skills.

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr