Senior Director, Product Security

September 12

Apply Now

Receive Emails with Similar Jobs

1Password

WebsiteLinkedInAll Job Openings

Cybersecurity • SaaS • Productivity

1Password is a leading password management and cybersecurity company that offers solutions for both individual and business customers to securely store and manage passwords, secrets, and sensitive information. With features like extended access management (XAM), 1Password empowers users to manage access to every application and web account, ensuring security across all devices with alerts for possible breaches. Trusted by over 150,000 businesses, 1Password provides comprehensive security solutions that enhance productivity by enabling easy and secure sharing of credentials and managing permissions, while maintaining high visibility and control. Their services cater to enterprises and families, providing protection from bad actors in today's SaaS-centric hybrid work environment.

501 - 1000 employees

Founded 2009

🔒 Cybersecurity

☁️ SaaS

⚡ Productivity

💰 $620M Series C on 2022-01

📋 Description

• You will set the strategy, build and scale programs, and partner with engineering, product, and security leadership to reduce risk while enabling innovation. • Manage a team of highly skilled security professionals, serve as a trusted advisor to the CISO, and act as a thought leader both inside and outside the organization. • Define and drive the company-wide Product Security strategy, with a focus on proactive risk reduction and enabling secure AI innovation. • Build and scale world-class programs for Application Security, Bug Bounty, Vulnerability Management, Data and Device Security, and Secure SDLC. • Establish metrics, reporting, and dashboards to measure program success and risk reduction. • Develop and oversee secure coding practices with an emphasis on AI adoption, threat modeling, security reviews, and code analysis practices. • Partner with engineering leadership to embed security into the SDLC and CI/CD pipelines, ensuring security is integrated from design to deployment. • Oversee vulnerability management and pentesting programs, ensure rapid triage, prioritization, and remediation of vulnerabilities across the environment. • Participate in an on-call rotation and support your team through the incident management process. • Lead data security program, responsible for our underlying cryptography and cryptographic libraries across product offerings as well as codebase secrets management. • Lead device security program, responsible for the development of security libraries and frameworks to support product feature development, security vulnerability remediation and minimization. • Represent Product Security in executive and board-level discussions, providing data-driven insights and recommendations. • Build and lead a Security Research team focused on identifying emerging threats, new attack vectors, and innovative defensive techniques.

🎯 Requirements

• 9+ years of progressive experience in security, with at least 5+ years leading security teams/programs at scale. • Education: Bachelors degree in Computer Science, Information Technology, Computer Engineering, or related fields; or equivalent work experience. • Deep expertise in Application Security, Vulnerability Management, Secure SDLC, and Bug Bounty programs. • Experience leading Security Research activities and engaging the security research community. • Strong track record of embedding security into engineering processes and influencing product development. • Proven experience leading security teams in high-growth technology or security-focused companies. • Passion for fostering psychological safety and stability in high stress environments. • Excellent communication skills with ability to convey complex security issues to technical and non-technical stakeholders, including executives and boards. • Thought leader with visibility in the security community (public speaking, open-source contributions, bug bounty engagement, etc.) a strong plus. • Experience leading security initiatives that support and/or incorporate AI capabilities. • Demonstrated software development experience with Go, Ruby on Rails, shell scripting, python, or other languages. • Experience collaborating across departments such as with internal business or engineering units, external incident response teams, and research teams. • USA-based roles only: must be legally authorized to work in the US; Canada-based roles only: must be legally authorized to work in Canada.

🏖️ Benefits

• 👶 Maternity and parental leave top-up programs • 🩺 Competitive health benefits • 🏝 Generous PTO policy • 📈 RSU program for most employees • 💸 Retirement matching program • 🔑 Free 1Password account • 🤝 Paid volunteer days • 🏆 Peer-to-peer recognition through Bonusly • 🌎 Remote-first work environment