CrawlJobs Logo

Director, Product Security

United States, Buffalo 178000.00 - 220000.00 USD / Year · Job Posted April 12, 2026
Apply Position
Job Link Share

Job Description

The Director of Product Security is a critical leadership role responsible for the overall security posture of ACV’s software applications and platforms. Reporting directly to the CISO, this individual will own and mature the entire Product and Application Security program, integrating security practices throughout the Secure Software Development Lifecycle (SSDLC). This position requires a self-motivated and highly organized leader with excellent communication and technical skills. The Director will ensure the confidentiality, integrity, and availability of ACV’s product-related data and systems by mitigating code-based risks within a fast-paced, technology-driven environment. You will build and lead a high-performing team, driving continuous improvement and ensuring ACV remains a secure and trusted platform for dealers and buyers nationwide.

Job Responsibility

  • Design, implement, and manage the end-to-end Product Security program
  • Lead the adoption of DevSecOps practices, automating security tools and gates within the CI/CD pipelines
  • Establish and enforce Secure Software Development Lifecycle (SSDLC) requirements
  • Build, mentor, and manage a team of Product Security Engineers
  • Proactively identify and establish security guardrails for AI/ML model development and usage
  • Oversee the deployment, tuning, and management of application security testing tools (SAST, DAST, SCA)
  • Lead vulnerability remediation efforts for all ACV products
  • Perform and oversee deep-dive security architecture and design reviews for all new products, features, and core application services
  • Define and manage secure configuration standards for containerized applications, microservices, APIs, and their supporting cloud infrastructure (AWS and GCP)
  • Manage and coordinate external penetration testing and bug bounty programs
  • Design, maintain, and measure processes to prevent vulnerabilities from reaching production
  • Work with Technical Program Management to create appropriate key performance indicators
  • Contribute to ACV’s overall Governance, Risk, and Compliance (GRC) program
  • Lead security risk assessments, threat modeling, and tabletop exercises specific to product features and application architecture
  • Ensure protection of sensitive data, including PII and financial information, within the application environment
  • Serve as the primary security advisor to Product and Engineering leadership
  • Collaborate effectively with IT, Engineering, and Product teams to integrate security into their processes
  • Maintain strong communication channels with remote team members
  • Create a culture of communication and collaboration
  • Create and maintain executive dashboards to increase security visibility
  • Perform additional duties as assigned

Requirements

  • 10+ years experience in Information Security
  • 5+ years directly focused on Product Security or Application Security in a leadership role
  • Proven experience building and leading a centralized Product Security/AppSec program within a technology-driven, cloud-based SaaS company
  • Deep, hands-on knowledge of the Secure Software Development Lifecycle (SSDLC), CI/CD, and DevSecOps principles, including automating security tooling
  • Strong understanding of security frameworks and best practices (NIST CSF, ISO 27001, CIS Controls)
  • Extensive experience with cloud security, with a strong focus on securing applications deployed in AWS and/or GCP environments
  • Experience with modern software development including Agentic and Generative AI techniques
  • Expertise with multiple application security tools, including SAST, DAST, MAST, SCA, API security platforms, and Web Application Firewalls (WAF)
  • Excellent communication, interpersonal, and leadership skills, with an ability to translate complex technical risks into business context
  • Ability to work effectively in a remote environment and manage geographically dispersed teams

Nice to have

Experience with Fintech companies is desirable

What we offer

  • Multiple medical plans including a high deductible, low cost health plan
  • Company-sponsored (paid) Short-Term Disability, Long-Term Disability, and Life Insurance
  • Comprehensive optional benefits such as Dental, Vision, Supplemental Life/AD&D, Legal/ID Protection, and Accident and Critical Illness Insurance
  • Generous paid time off options, including uncapped vacation days, paid sick days, 6 paid company holidays, 2 floating holidays, parental leave, bereavement leave, jury duty leave, voting leave
  • Employee Stock Purchase Program with additional opportunities to earn stock in the Company
  • Retirement planning through the Company’s 401(k)

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Director, Product Security

8 matching positions

Director, Product Management - Security & Data Intelligence Solutions

Director, Product Management - Security & Data Intelligence Solutions Product M...
Location
Location
United States , McLean; Richmond; New York; Chicago; Riverwoods
Salary
Salary:
209500.00 - 286900.00 USD / Year
capitalone.com Logo
Capital One
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 7 years of experience working in Product Management
  • A Bachelor's Degree in a quantitative field (Statistics, Economics, Operations Research, Analytics, Mathematics, Computer Science, Computer Engineering, Software Engineering, Mechanical Engineering, Information Systems or a related quantitative field)
  • A Master's Degree in a quantitative field (Statistics, Economics, Operations Research, Analytics, Mathematics, Computer Science, Computer Engineering, Software Engineering, Mechanical Engineering, Information Systems or a related quantitative field) or an MBA with a quantitative concentration
Job Responsibility
Job Responsibility
  • Define solutions for the Global Payment Network, focusing on resilient architecture that anticipates emerging threats in real-time
  • Lead solutions for multi-factor, biometric, and behavioral authentication solutions that eliminate friction while maximizing security
  • Design intelligent solutions that identify and neutralize sophisticated fraud patterns before they impact the ledger
  • Define new ways to transform raw network data into actionable products—such as real-time spend insights, identity verification services, and loyalty-driving data tools—that provide tangible value to our customers
  • Partner with platform product teams and engineering teams to ensure that complex security requirements are translated into scalable code that can handle global transaction volumes
What we offer
What we offer
  • Performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI)
  • Health, financial and other benefits
  • Fulltime
Read More
Arrow Right

Director of Product Management (AI Runtime Security)

As the Director of Product Management for AI Runtime Security, you will lead a w...
Location
Location
United States , Seattle
Salary
Salary:
238300.00 - 327025.00 USD / Year
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in a technical field, or equivalent practical/military experience
  • 8+ years of product management experience, with at least 3 years in a people management or team lead role
  • Demonstrated experience with enterprise products/platforms in cloud, networking, security, or AI domains
  • Excellent written and verbal communication skills, with a proven ability to present to both technical and executive audiences
  • Strong analytical and problem-solving skills, with the ability to use data to drive strategic decisions
Job Responsibility
Job Responsibility
  • Lead, mentor, and grow the Product Management team for AI Runtime Security, fostering a culture of innovation and execution
  • Define and articulate the product vision, strategy, and roadmap for AI Runtime Security, ensuring alignment with executive leadership and customer requirements
  • Proactively collaborate with engineering, marketing, and other cross-functional teams to ensure seamless product development and delivery
  • Own and communicate the product roadmap to internal stakeholders, customers, prospects, and industry analysts
  • Partner closely with engineering leadership to solve complex technical problems, prioritize development, and deliver high-quality, on-time product releases
  • Collaborate with product marketing to develop compelling messaging, sales tools, and go-to-market strategies that drive adoption
  • Develop and execute product pricing, packaging, and go-to-market strategies to maximize market impact and revenue
  • Fulltime
Read More
Arrow Right

Director of Product Management (Application Acceleration and Security)

As the Director of Product Management (App Acceleration & Security), you will se...
Location
Location
United States , Santa Clara
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years in Product Management, including at least 5 years in a senior leadership role
  • Proven ability to build products from the ground up to significant revenue, as well as optimizing existing high-scale product lines
  • Deep understanding of SASE architecture, Next-Generation Firewalls, edge computing, WAF, and Bot Management
  • Hands-on experience writing and refining AI model evaluations
  • Demonstrated ability to 'influence the influencers' and drive alignment across large, complex organizations without direct authority
  • Proven track record of managing product financials, including gross margin analysis and unit economics
  • Bachelor’s degree in Computer Engineering, Computer Science, or a related technical field
Job Responsibility
Job Responsibility
  • Define a multi-year vision for the App Acceleration and App Security business units, ensuring seamless integration into broader SASE frameworks
  • Direct the evolution of firewall capabilities, including WAF, NGFW, and Distributed Cloud Firewalls, to support modern distributed workloads
  • Establish and maintain a 'Competitive Moat' to ensure continuous technical superiority over both legacy and emerging competitors
  • Drive the unification of security policies and user interfaces following acquisitions to ensure the customer experience is intuitive and cohesive, rather than a reflection of internal organizational silos
  • Establish standards for AI model evaluations and coach individual contributors on perfecting these evals to ensure product quality and relevance
  • Drive the commercial health and P&L influence of product lines, specifically optimizing Blended Margins across hardware, software, and cloud services
  • Lead the scaling of product lines from early-stage development to significant revenue milestones, while simultaneously managing and expanding established portfolios
  • Collaborate with Engineering and Operations to manage COGS, ensuring high-performance security inspection remains cost-effective
  • Develop value-based pricing models that reflect the converged value of networking and security
  • Lead the IP strategy by identifying patent opportunities in areas like low-latency security processing and automated threat mitigation
What we offer
What we offer
  • restricted stock units and a bonus
  • Fulltime
Read More
Arrow Right

Product Manager, Prime Product and Margin, Director

Citi's Markets division is one of the world's leading providers of financial pro...
Location
Location
United States , New York
Salary
Salary:
200000.00 - 300000.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Significant experience in a product management, business analysis, or senior operational role within Prime Brokerage, Prime Finance, or a closely related area at a global financial institution or broker-dealer — typically 10 or more years
  • Deep technical knowledge of margin frameworks across multiple asset classes, including familiarity with SPAN, TIMS, VaR, and Expected Shortfall methodologies, as well as cross-margining structures and portfolio margin concepts
  • Strong understanding of the regulatory landscape relevant to prime finance and margin, including Regulation T, FINRA Rule 4210, SEC 15c3-1/15c3-3, and ISDA/CSA collateral mechanics
  • awareness of central clearing developments is highly advantageous
  • Demonstrated ability to translate complex, technical concepts into clear product requirements and to influence and align senior stakeholders across business, technology, risk, and compliance functions
  • Cross-asset product knowledge spanning equities (cash and synthetic), fixed income, FX, futures, and cleared swaps, with an understanding of how margin interacts with financing, securities lending, and client portfolio structures
  • Strong academic background, typically a degree in a quantitative, financial, or technical discipline
  • a postgraduate qualification or CFA charterholder status would be advantageous but is not essential
Job Responsibility
Job Responsibility
  • Lead the end-to-end product lifecycle for Cross Product Margin capabilities within Prime Finance, translating complex margin methodologies — including scenario-based, VaR, and Expected Shortfall frameworks — into scalable, well-defined product requirements for technology delivery
  • Define and drive the strategic roadmap for CPM infrastructure, working across execution, clearing, and margin technology to converge platforms into a cohesive, globally consistent architecture
  • Act as the primary subject matter expert on cross-asset margin frameworks, including portfolio-level offsets, concentration add-ons, liquidity haircuts, and regulatory overlays across equities, fixed income, FX, futures, and cleared derivatives
  • Partner with Trading, Risk, Operations, Legal, and Compliance to ensure margin product design meets both commercial objectives and regulatory requirements, including FINRA Rule 4210, Regulation T, ISDA/CSA mechanics, and evolving central clearing mandates
  • Engage directly with institutional clients and internal stakeholders to identify margin optimisation opportunities, articulate product capabilities, and support the development of client-facing margin tools and reporting
  • Drive governance and prioritisation across a portfolio of cross-functional technology programmes, ensuring delivery against agreed timelines and commercial outcomes in a complex, multi-stakeholder environment
What we offer
What we offer
  • Medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Fulltime
Read More
Arrow Right

Director, Security Architect, APEC

Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Systems, Computer Science or related field or equivalent experience/certification
  • 8+ years’ experience in Information Security with: 3+ years in process-oriented Security Audit/Assurance/Technical Assessment role
  • 2+ years’ team management experience with security technical team members
  • 1-2 years’ experience/exposure to Common Controls Framework
  • Exposure/functional understanding of NIST RMF
  • Current and relevant information security certifications such as: CISSP (Certified Information Systems Security Professional), (ISC)2 CGRC certification, ISACA, PCI QSA/ISA, ITIL, IS Certification & Accreditation Professional - ISCAP, GIAC Information Security Professional (GISP)
Job Responsibility
Job Responsibility
  • Lead and manage security architecture and engineering in APEC
  • Performs security accreditation and evaluates the implementation of those controls in order to grant Approval to Operate for a release of new infrastructure, services, applications and processes into Marriott’s Production Environments in regional level
  • Leverages existing Security Engagement processes and documentation, in conjunction with security compliance tools, to determine control implementation status
  • Will routinely process ITSM Release and Security Engagement Tasks to document justification for all approvals
  • Will routinely collaborate with multiple teams, including, but not limited to, Business Release Sponsors, Project Managers, Security Architects, Security Architecture Analysts, and Change Management teams to ensure the Security Processes are followed and completed in order to accredit the engagement or release
  • Will routinely manage and communicate the status of the tasks assigned in ITSM to thoroughly document the accreditation resulting in granting of Approval to Operate
  • Understand, communicate, interpret and enforce MI Policies and Security Standards throughout the Certification and Accreditation process
  • Understand and communicate control objectives in terms of both MI Policy and Standards and Security Best Practice Frameworks, including, but not limited to, NIST RMF, NIST CSF, PCI DSS, GDPR, MPLS, EU Privacy, ISO, as referenced in Marriott’s Common Controls Framework
  • Will periodically provide status and metrics for the assigned C&A Engagements in order to provide visibility and transparency to GIS Senior Leadership
  • Works with development teams to review application source code for security and operational risks
  • Fulltime
Read More
Arrow Right

Director, Security Operations and Incident Response

At Comcast, we are committed to providing secure and reliable services for our c...
Location
Location
United States , Philadelphia
Salary
Salary:
Not provided
comcastcorporation.com Logo
Comcast
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of relevant cybersecurity experience, including leadership experience in cybersecurity operations, security incident response, threat hunting, threat detection, or enterprise SOC functions in a large, complex environment with at least 5 years of experience managing leaders of people
  • Demonstrated experience managing high-severity cybersecurity incidents, including executive communications, cross functional coordination, containment strategy, remediation oversight, and post-incident improvement
  • This role supports a 24x7 cybersecurity operation and requires availability outside of standard business hours, including nights, weekends, and holidays, during critical incidents and high-severity security events
  • Strong leadership experience building, managing, and scaling technical security teams, including managers, incident responders, SOC analysts, threat hunters, detection engineers, and specialized security professionals
  • Deep technical understanding of modern security operations, including SIEM, EDR, threat intelligence, malware analysis, digital forensics, cloud security, identity security, network security, automation, and detection engineering
  • Experience partnering with engineering teams to build, improve, and operationalize security tools, data platforms, dashboards, automations, telemetry pipelines, and analyst workflows
  • Proven ability to make high-impact decisions under pressure and lead teams through ambiguous, fast-moving security events
  • Experience developing incident response operating models, playbooks, escalation procedures, readiness exercises, metrics, and continuous improvement programs
  • Strong understanding of adversary tradecraft, threat hunting methodologies, detection lifecycle management, and frameworks such as MITRE ATT&CK
  • Strong executive communication skills, including the ability to brief senior leaders on risk, impact, operational status, capacity gaps, and recommended actions
Job Responsibility
Job Responsibility
  • Lead and scale Comcast’s SOC, Security Incident Response Team, threat hunting, and threat detection functions, ensuring the organization is trained, equipped, and structured to respond effectively to routine security events and major incidents
  • Build the operating model, staffing approach, escalation paths, runbooks, and surge capacity required to manage multiple concurrent major incidents
  • Serve as a senior incident commander for high-severity cybersecurity events, coordinating response across technical teams, business stakeholders, legal, privacy, communications, and executive leadership
  • Lead Comcast’s threat hunting function to proactively identify adversary behavior, emerging attack patterns, control gaps, and high-risk activity before it becomes a major incident. Including leading Purple Team activities
  • Own and mature the enterprise threat detection strategy, including detection coverage, alert fidelity, tuning, detection lifecycle management, and alignment to threat intelligence, adversary tradecraft, and business risk
  • Partner with security engineering, data engineering, platform engineering, and product teams to design and improve the tools, pipelines, dashboards, automations, and case management workflows used by cyber operations teams
  • Drive continuous improvement across SIEM use cases, endpoint detections, cloud detections, identity detections, network telemetry, enrichment pipelines, automation, and analyst workflows
  • Ensure lessons learned from incidents and hunts directly inform new detections, improved runbooks, stronger controls, and better response procedures
  • Develop and continuously improve incident response strategy, severity models, communications protocols, after-action reviews, and remediation tracking
  • Establish executive reporting on incident trends, SOC performance, detection quality, threat hunting outcomes, operational capacity, readiness gaps, and enterprise risk
What we offer
What we offer
  • Medical, prescription, vision, and dental insurance for eligible employees
  • 401(k) savings plan with dollar-for-dollar matching up to the first 6% of your pay
  • Paid time off including eight observed company holidays and flex time
  • Exclusive perks + discounts, including tuition assistance, commuter benefits and more
  • Fulltime
Read More
Arrow Right

Director, Product Experience & Design

We are seeking a visionary and execution-oriented Director, Product Experience &...
Location
Location
United States of America , New York
Salary
Salary:
Not provided
mastercard.com Logo
Mastercard
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Customer Obsession: Deep empathy for developers, analysts, data scientists, and enterprise platform users
  • Proven experience scaling UX organizations in enterprise SaaS, platform, or cloud-native environments
  • Strong understanding of: Enterprise SaaS platforms
  • Developer platforms and workflows
  • APIs and integration patterns
  • Strategic storytelling: Ability to translate complex platform and AI concepts into clear, compelling narratives
  • Systems thinking: Ability to simplify deeply interconnected technical ecosystems into intuitive user experiences
  • Influence without authority: Ability to align Engineering, Product, Security, and Operations around shared experience standards
  • Strong perspective on AI/agentic UX, human-in-the-loop systems, and experience design at scale
Job Responsibility
Job Responsibility
  • Define and lead the end-to-end product experience vision for the Enterprise Data & AI Platform ecosystem
  • Establish a cohesive UX strategy across: Developer platforms
  • Data products and marketplaces
  • Analytics and observability experiences
  • AI / agentic interfaces
  • Governance and trust frameworks
  • Define how users and AI agents interact, recognizing shifting behaviors as enterprise users increasingly leverage AI
  • Drive consistency across on-prem, private cloud, and public cloud environments
  • Build and scale a unified enterprise design system for data, AI, and platform products
  • Define Mastercard-wide standards for: Design language and experience principles
What we offer
What we offer
  • Insurance (including medical, prescription drug, dental, vision, disability, life insurance)
  • Flexible spending account and health savings account
  • Paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave)
  • 80 hours of Paid Sick and Safe Time
  • 25 days of vacation time and 5 personal days
  • 10 annual paid U.S. observed holidays
  • 401k with a best-in-class company match
  • Deferred compensation for eligible roles
  • Fitness reimbursement or on-site fitness facilities
  • Eligibility for tuition reimbursement
  • Fulltime
Read More
Arrow Right

Director, Product Management, Unified Platforms

Bright Horizons is a leading education and care company that helps employees thr...
Location
Location
United States , Newton
Salary
Salary:
139000.00 - 185000.00 USD / Year
brighthorizons.com Logo
Bright Horizons
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of product management experience to include directly managing a digital product
  • Bachelor’s degree in Engineering, Computer Science, Technology, Business, or a related field. 5+ years minimum of additional experience would be considered in lieu of applicable degree.
Job Responsibility
Job Responsibility
  • Drives the product strategy, vision, and roadmap for unified platform initiatives
  • Ensures collaboration across product teams creating personalized consumer-facing experiences using common capabilities
  • Enhances user experience and efficiency by rapidly delivering enhancements and evaluating new solutions and services
  • Develops and maintains a solid knowledge of the needs of customers, clients, competitors, and the industry
  • Identifies new product opportunities, develops business cases, and analyzes feasibility to inform strategic investments
  • Works cross-functionally across the enterprise to ensure alignment in design, technology, product development, and vendor strategy
  • Create and maintain product roadmaps for our products and services
  • Collaborate cross-functionally across the organization to identify, prioritize and deliver capabilities
  • Work with data science and insights teams to enable optimization of digital experiences
  • Ensure that we effectively leverage data and engagement tools
What we offer
What we offer
  • Medical, dental, and vision insurance
  • Paid vacation, sick, holiday, and parental bonding leave
  • 401(k) retirement plan
  • Long-term and short-term disability insurance
  • Life insurance
  • Money-saving discounts and financial planning tools
  • Tuition assistance and education coaching
  • Caregiving support and resources
  • This position is also eligible for bonus and RSUs
  • Fulltime
Read More
Arrow Right