Director of Product security - Product Engineering

Company: Mcafee
Location: Frisco
Posted on: April 19, 2025

Job Description:

Director, Product security page is loadedDirector, Product securityApply locations US, Texas, Frisco time type Full time posted on Posted 2 Days Ago job requisition id JR0031714Role Overview:The Director of Product Security will lead the development and execution of the organization's product security strategy, ensuring that all products are designed, deployed, and maintained with comprehensive security practices. The ideal candidate will be a strategic leader with extensive technical expertise in product security and a proven ability to collaborate effectively with product, engineering, and executive teams to create secure, scalable, and resilient solutions. This role will oversee a team of security professionals, working closely with cross-functional teams to integrate secure software development lifecycle (SDLC) practices, AWS Cloud security, and DevSecOps principles. Additionally, the Director will lead initiatives in risk management, threat modeling, and compliance to ensure that the organization's products meet the highest security standards.This is a Hybrid position located in either San Jose, CA or Frisco, TX. You will be required to be onsite on an as-needed basis, typically 1 to 6 times a month. We are only considering candidates within a commutable distance to one of the two locations and are not offering relocation assistance at this time.About the role:

• Strategy and Leadership:
  • Lead the security initiatives related to the design, development, and deployment of our products, ensuring they meet industry security standards and regulatory requirements (e.g., GDPR, PCI, HIPAA, SOC2).
  • Lead and mentor a growing product security team, fostering a culture of security excellence across the company.
  • Act as a strategic advisor, offering insights on industry best practices, emerging security risks and opportunities for improvement.
  • Security Architecture and Design:
    • Collaborate with product and engineering teams to integrate security into the product design and development process.
    • Conduct security assessments, threat modeling, and risk analysis for products and applications.
    • Develop and enforce secure coding standards, best practices, and security requirements.
    • Vulnerability Management:
      • Oversee and manage the identification, analysis, and remediation of security vulnerabilities across the product portfolio.
      • Ensure that security testing (e.g., static code analysis, dynamic analysis, penetration testing) is integrated into the development lifecycle.
      • Incident Response and Risk Management:
        • Lead product security incident response efforts, including investigation, containment, and remediation.
        • Develop and maintain risk management processes, ensuring that security risks are identified, evaluated, and mitigated appropriately.
        • Collaboration and Communication:
          • Partner with product managers, engineers, and other key stakeholders to ensure security is a priority at all stages of product development.
          • Communicate complex security topics effectively to non-technical stakeholders and executives.
          • Work with legal and compliance teams to ensure products meet regulatory requirements and industry standards.
          • Continuous Improvement:
            • Stay current with the latest security trends, tools, and technologies, applying new insights to improve product security.
            • Drive continuous improvement of security processes and practices, ensuring alignment with industry best practices.About you:
              • Minimum of 10+ years of experience in product security, software development, or related technical fields.
              • At least 5 years of leadership experience managing and growing security teams.
              • Proven track record of developing and executing product security strategies for a variety of products in a complex technology environment.
              • Strong understanding of software development practices and experience working with modern development frameworks (e.g., Agile, DevOps).
              • Deep understanding of security vulnerabilities, threats, and mitigation strategies (e.g., OWASP Top 10, secure coding practices).
              • In-depth knowledge of information security frameworks, standards, and best practices.
              • Expertise in threat modelling, risk assessment, and incident response, with a proactive approach to identify and mitigate security risks.
              • Experience with secure coding practices and conducting security audits and assessments to ensure compliance with security policies.
              • Knowledge of cloud security principles and best practices, including securing cloud infrastructure and applications.
              • Hands-on experience with security tools (e.g., SAST, DAST, IAST, and SCA, penetration testing, vulnerability management).
              • Experience with infrastructure as code (IaC) tools such as Terraform, with Linux systems, containerization technologies (Docker, Kubernetes).
              • Strong knowledge of encryption, authentication, and authorization mechanisms.#LI-HybridCompany OverviewMcAfee is a leader in personal security for consumers. Focused on protecting people, not just devices, McAfee consumer solutions adapt to users' needs in an always online world, empowering them to live securely through integrated, intuitive solutions that protects their families and communities with the right security at the right moment.Company Benefits and Perks:We work hard to embrace diversity and inclusion and encourage everyone at McAfee to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
                • Bonus Program
                • Pension and Retirement Plans
                • Medical, Dental and Vision Coverage
                • Paid Time Off
                • Paid Parental Leave
                • Support for Community InvolvementWe're serious about our commitment to diversity which is why McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.About UsMcAfee recognizes and supports its obligation to reasonably accommodate applicants and employees with disabilities. We are here to help. Please let us know if you need a reasonable accommodation for any part of the application, interviewing, hiring, or at any other time during the employment process. Please do not include personal medical information in the email.Diversity is foundational for our business success. We want to be a workplace of choice for all people and we value the unique perspectives offered by a diverse workforce. McAfee does not unlawfully discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, citizenship, disability, protected veteran status, age, ancestry, medical condition, genetic information, marital status, pregnancy, or any other legally protected status. This principle applies to all areas of employment: recruitment and hiring, training, performance evaluations, promotions and transfers, compensation and benefits, and social and recreational programs.McAfee desires to be an employer of choice with an inclusive environment for all individuals. As part of this goal and in compliance with various laws and regulations, McAfee provides reasonable accommodation to applicants and employees. Requests for reasonable accommodation for applicants and employees are evaluated on a case-by-case basis.
                  #J-18808-Ljbffr

Keywords: Mcafee, DeSoto , Director of Product security - Product Engineering, Engineering , Frisco, Texas