Vice President, Product Security
Atlanta, GA, United States
Full Time Executive-level / Director USD 200K - 300K
KION Group
We are a leading provider of forklift trucks and warehouse technology as well as automation technologies and software solutions for the optimization of supply chains.
You and your team will work closely with cross-functional teams to ensure that security is embedded throughout the product development lifecycle. The VP will be responsible for creating a Security Operations Center (SOC) to monitor all security aspects of the product environment and will be the primary point of contact for security incident response. This role will also ensure compliance with relevant regulations such as GDPR, NIS-2, the EU Cyber Resilience Act, and other relevant legislation.
What we offer:
- Responsible for product security for the world’s largest warehouse automation provider at ~3B Euros in annual revenue
- Responsible for product security for solutions installed at over 8,000 customers worldwide running some of the most high-volume, mission critical supply chains in the world with extremely stringent uptime and security requirements
- Responsible for product security for solutions used by many global or Fortune 500 companies
- Given the rapid growth in cyber security threats, data protection requirements, and the increased complexity in our product and technology offerings such as SaaS, OT, and artificial intelligence, the need for an experienced leader with the expertise to put in place a comprehensive program to ensure product security across our complex landscape is more critical than ever to ensure we protect both our customers and the company
- Develop and implement a comprehensive product and operational technology security strategy, policies, and procedures that align with industry best practices and regulatory requirements, integrating these with the company's overall information security framework led by the CISO
- Collaborate closely with the CISO and their team to align security practices across software products and operational technology systems, ensuring a unified approach to cybersecurity
- Participate in joint initiatives with the CISO's organization to address broader security concerns and leverage collective expertise
- Lead and manage a team of product security professionals, providing mentorship, guidance, and support in their day-to-day activities
- Collaborate with product development and operational technology teams to embed security practices into the lifecycle of both software and hardware components, from design to deployment
- Oversee the integration of operational technology security into the company's existing cybersecurity framework, addressing unique challenges and standards relevant to industrial control systems
- Conduct thorough security assessments and risk analysis for new and existing products and operational technologies, identifying vulnerabilities specific to software, hardware, and PLCs
- Stay updated on the latest security threats, vulnerabilities, and industry trends to proactively address emerging risks and enhance the security posture of our products
- Work closely with legal and compliance teams to ensure compliance with relevant data protection and privacy regulations, such as GDPR, CCPA, and HIPAA
- Develop and maintain specialized training programs and awareness campaigns addressing the unique security needs of operational technology and PLCs
- Establish and maintain relationships with external security experts, vendors, and partners to leverage their expertise and stay abreast of the evolving threat landscape
- Collaborate with customer-facing teams to address customer inquiries, concerns, and security-related incidents promptly and effectively
- Oversee the implementation and maintenance of security controls, technologies, and tools, such as vulnerability scanners, penetration testing, and secure coding practices
- Conduct regular security audits and assessments to identify gaps, recommend improvements, and ensure ongoing compliance with industry standards
- Prepare and deliver executive-level reports and presentations on the state of product security, key metrics, and progress towards security goals
- Foster a culture of security awareness and education within the organization through training programs, workshops, and awareness campaigns
- Establish and maintain a Security Operations Center (SOC) to monitor all security aspects of the product environment
- Ensure compliance with relevant regulations impacting both software and operational technology, such as GDPR, NIS-2, the EU Cyber Resilience Act, and industry-specific standards like ISA/IEC 62443
- Lead and respond to security audits ensuring compliance and continuous improvement in security practices
- Provide comprehensive security updates to Dematic executive leadership and the board of directors, including security efforts, achievements, and strategic plans
- Bachelor's or Master's degree in computer science, information security, or a related field. Relevant certifications (e.g., CISSP, CISM, CSSLP) are highly desirable
- Proven experience (8+ years) in product security, cybersecurity, or a related field, with a track record of successfully leading security initiatives in a SaaS environment
- In-depth knowledge of security frameworks, standards, and best practices, such as ISO 27001, NIST Cybersecurity Framework, OWASP Top Ten, and secure software development practices (e.g., SDL, DevSecOps)
- Strong understanding of cloud-based infrastructure, web application security, network security, encryption, authentication, and access control mechanisms
- Familiarity with relevant data protection and privacy regulations (e.g., GDPR, CCPA) and their implications for SaaS products
- Experience in managing and leading a team of security professionals, including hiring, performance management, and professional development
- Excellent communication and interpersonal skills, with the ability to effectively collaborate with technical and non-technical stakeholders at all levels of the organization
- Proven analytical and problem-solving abilities, with the ability to think strategically and make sound decisions in a fast-paced environment
- Strong project management skills, with the ability to prioritize tasks, manage multiple projects simultaneously, and meet deadlines
- Demonstrated commitment to ongoing learning and professional development in the field of product security
The pay range for this role is estimated to be $200,000.00 - $300,000.00 at the time of posting and will be eligible for incentive compensation in accordance with company practices. Final compensation will be determined by various factors such as work location, education, experience, knowledge, and skills.
Tags: Application security Artificial Intelligence Audits Automation CCPA CISM CISO CISSP Cloud Compliance Computer Science DevSecOps Encryption GDPR HIPAA IEC 62443 Incident response Industrial ISO 27001 Network security NIST OWASP Pentesting Privacy Product security Risk analysis Risk management SaaS Security assessment Security strategy SOC Strategy Vulnerabilities
Perks/benefits: Career development Startup environment