Director, Product security
Company: McAfee GmbH
Location: Frisco
Posted on: April 4, 2025
Job Description:
Role Overview: The Director of Product Security will lead the
development and execution of the organization's product security
strategy, ensuring that all products are designed, deployed, and
maintained with comprehensive security practices. The ideal
candidate will be a strategic leader with extensive technical
expertise in product security and a proven ability to collaborate
effectively with product, engineering, and executive teams to
create secure, scalable, and resilient solutions. This role will
oversee a team of security professionals, working closely with
cross-functional teams to integrate secure software development
lifecycle (SDLC) practices, AWS Cloud security, and DevSecOps
principles. Additionally, the Director will lead initiatives in
risk management, threat modeling, and compliance to ensure that the
organization's products meet the highest security standards.This is
a Hybrid position located in either San Jose, CA or Frisco, TX. You
will be required to be onsite on an as-needed basis, typically 1 to
6 times a month. We are only considering candidates within a
commutable distance to one of the two locations and are not
offering relocation assistance at this time.About the role:
- Strategy and Leadership:
- Lead the security initiatives related to the design,
development, and deployment of our products, ensuring they meet
industry security standards and regulatory requirements (e.g.,
GDPR, PCI, HIPAA, SOC2).
- Lead and mentor a growing product security team, fostering a
culture of security excellence across the company.
- Act as a strategic advisor, offering insights on industry best
practices, emerging security risks and opportunities for
improvement.
- Security Architecture and Design:
- Collaborate with product and engineering teams to integrate
security into the product design and development process.
- Conduct security assessments, threat modeling, and risk
analysis for products and applications.
- Develop and enforce secure coding standards, best practices,
and security requirements.
- Vulnerability Management:
- Oversee and manage the identification, analysis, and
remediation of security vulnerabilities across the product
portfolio.
- Ensure that security testing (e.g., static code analysis,
dynamic analysis, penetration testing) is integrated into the
development lifecycle.
- Incident Response and Risk Management:
- Lead product security incident response efforts, including
investigation, containment, and remediation.
- Develop and maintain risk management processes, ensuring that
security risks are identified, evaluated, and mitigated
appropriately.
- Collaboration and Communication:
- Partner with product managers, engineers, and other key
stakeholders to ensure security is a priority at all stages of
product development.
- Communicate complex security topics effectively to
non-technical stakeholders and executives.
- Work with legal and compliance teams to ensure products meet
regulatory requirements and industry standards.
- Continuous Improvement:
- Stay current with the latest security trends, tools, and
technologies, applying new insights to improve product
security.
- Drive continuous improvement of security processes and
practices, ensuring alignment with industry best practices.About
you:
- Minimum of 10+ years of experience in product security,
software development, or related technical fields.
- At least 5 years of leadership experience managing and growing
security teams.
- Proven track record of developing and executing product
security strategies for a variety of products in a complex
technology environment.
- Strong understanding of software development practices and
experience working with modern development frameworks (e.g., Agile,
DevOps).
- Deep understanding of security vulnerabilities, threats, and
mitigation strategies (e.g., OWASP Top 10, secure coding
practices).
- In-depth knowledge of information security frameworks,
standards, and best practices.
- Expertise in threat modelling, risk assessment, and incident
response, with a proactive approach to identify and mitigate
security risks.
- Experience with secure coding practices and conducting security
audits and assessments to ensure compliance with security
policies.
- Knowledge of cloud security principles and best practices,
including securing cloud infrastructure and applications.
- Hands-on experience with security tools (e.g., SAST, DAST,
IAST, and SCA, penetration testing, vulnerability management).
- Experience with infrastructure as code (IaC) tools such as
Terraform, with Linux systems, containerization technologies
(Docker, Kubernetes).
- Strong knowledge of encryption, authentication, and
authorization mechanisms.#LI-HybridCompany OverviewMcAfee is a
leader in personal security for consumers. Focused on protecting
people, not just devices, McAfee consumer solutions adapt to users'
needs in an always online world, empowering them to live securely
through integrated, intuitive solutions that protects their
families and communities with the right security at the right
moment.Company Benefits and Perks:We work hard to embrace diversity
and inclusion and encourage everyone at McAfee to bring their
authentic selves to work every day. We offer a variety of social
programs, flexible work hours and family-friendly benefits to all
of our employees.
- Bonus Program
- Pension and Retirement Plans
- Medical, Dental and Vision Coverage
- Paid Time Off
- Paid Parental Leave
- Support for Community InvolvementWe're serious about our
commitment to diversity which is why McAfee prohibits
discrimination based on race, color, religion, gender, national
origin, age, disability, veteran status, marital status, pregnancy,
gender expression or identity, sexual orientation or any other
legally protected status.
#J-18808-Ljbffr
Keywords: McAfee GmbH, DeSoto , Director, Product security, Executive , Frisco, Texas
Didn't find what you're looking for? Search again!
Loading more jobs...
