Director of Product Security

Responsibilities

• In this role you will be responsible for leading the team working identifying software and hardware protective cybersecurity measures, conducting threat analysis and researching industry best practices and cyber incidents and performing related activities necessary to define concrete actions around cybersecurity posture for Zoox’s product.
• You will be leading the advancement of Zoox’s product security function and take it to the next level of maturity which will include taking on other related security functions such as security analytics, Threat Management, and/or managing support and engineering for cybersecurity.
• You and your team will work collaboratively with business and technical teams to identify security risks, implement security controls, and ensure compliance with applicable laws and regulations to protect the organization's services, systems and data.
• Builds relationships and collaboration partnerships with the engineering teams to implement the required cybersecurity capabilities that protect Zoox’s product.
• Work with internal business partners such as Finance, Legal, Policy, HR, Comms to help guide them during security incidents.
• Present periodic status reports to the organization on the product cybersecurity case informing about its progress and roadmap with fully defined quantifiable metrics.
• Help developing an Incident Response Steering team to guide the program growth.

Qualifications

• BS/MS/PhD in computer science or a related field
• 10+ years of hands-on experience on Product Cyber Security and/or Enterprise Cyber Security
• Prior engineering management experience shipping complex software and products
• Prior experience working with Executive Leaders and Technical Program Managers to create and execute cybersecurity roadmaps for your team and the organization 
• Experience in managing managers and with headcount planning and partnering with recruiting organizations to achieve hiring milestones
• Strong communication skills as they engage and provide updates to the senior leadership team up to the executive team
• Strong interpersonal skills with the ability to work effectively with cross functional partnerships
• Maintains a strong understanding of current cybersecurity threats and countermeasures, such as Advanced Persistent Threats (APTs), cyber-crime, hacktivism, and associated tacticsKnowledge of industry standard frameworks as NIST, IPCI, SOX, HIPAA and standards such as ISO21434 and ISO 27001