This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
Workato - Palo Alto, CA
posted 2 months ago
About the position
The Director of Product Security at Workato is a pivotal role responsible for establishing and leading a global security team focused on product and infrastructure security. This hands-on leadership position requires a blend of practical experience and theoretical knowledge in software security, including application security, cloud security, and secure coding practices. The director will develop and implement a comprehensive product security strategy, manage a team of security professionals, and ensure the security posture of Workato's products aligns with industry standards and best practices.
Responsibilities
- Establish and lead a global security team responsible for product and infrastructure security.
- Develop and implement a comprehensive product security strategy.
- Manage and mentor a team of security engineers and analysts, providing guidance for their professional growth.
- Identify, develop, implement, and maintain security programs across product development and production environments.
- Define strategic direction and set objectives to improve the team's impact and leadership position among SaaS providers.
- Oversee critical cybersecurity areas including incident response, disaster recovery, and digital security.
- Lead product security operations to protect against threats and respond to incidents.
- Grow product security programs to an industry-leading position and improve existing approaches.
- Build strong relationships with product, engineering, and operations teams to implement security controls.
- Communicate effectively with stakeholders about the security posture of products.
- Develop and enforce security policies and procedures based on best practices.
- Partner with executive leadership to ensure security is integrated into application and platform development.
- Utilize metrics to measure the efficiency and effectiveness of the security program.
- Support compliance with SOC2, HIPAA, and other standards, expanding certifications as needed.
- Lead incident response activities and post-mortem analysis for security breaches.
- Conduct hands-on security assessments, code reviews, and penetration testing.
Requirements
- Minimum of 4 years of experience leading a team in product security or application security.
- Hands-on experience designing and deploying security controls across various security domains.
- Deep understanding of security principles, techniques, and technologies such as OWASP Top 10 and SANS Top 25.
- Familiarity with compliance frameworks and standards such as ISO 27001 and SOC 2.
- Understanding of Application Security threats and countermeasures.
- Practical knowledge of security technologies applicable to SaaS Web applications.
- Ability to provide strategic product security mentorship based on threat modeling and design reviews.
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
- Relevant security certifications (e.g., CISSP, OSCP, CEH) are a plus.
Nice-to-haves
- Experience with security technologies like Firewalls, IDS/IPS, and SIEM.
- Knowledge of data protection and vulnerability management techniques.
Benefits
- Competitive salary starting at $200,000.
- Benefits, perks, and equity options.
