Tech Jobs for Talents without Borders
English-1st. Relocation-friendly. Curated daily by Imagine.
4,699 Jobs at 191 Companies

Vice President, Product Security

Kion Group AG

Kion Group AG

Atlanta, GA, USA
Posted on Wednesday, January 31, 2024
We are seeking an experienced and highly skilled Vice President of Product Security to join our Global Product & Solutions organization. This senior-level leadership role is responsible for establishing and maintaining a comprehensive product security program, ensuring the security of our software products and all operational technology, including Programmable Logic Controllers (PLCs). As the VP, you will be responsible for establishing and maintaining a robust product security program to safeguard our software products and protect our customers' data and privacy. This is a senior-level leadership role that requires a strong background in product security, risk management, and regulatory compliance. Additionally, the VP will work closely with the Chief Information Security Officer (CISO) and their organization to align product security initiatives with the broader information security strategy of the company.

You and your team will work closely with cross-functional teams to ensure that security is embedded throughout the product development lifecycle. The VP will be responsible for creating a Security Operations Center (SOC) to monitor all security aspects of the product environment and will be the primary point of contact for security incident response. This role will also ensure compliance with relevant regulations such as GDPR, NIS-2, the EU Cyber Resilience Act, and other relevant legislation.

What we offer:

  • Responsible for product security for the world’s largest warehouse automation provider at ~3B Euros in annual revenue
  • Responsible for product security for solutions installed at over 8,000 customers worldwide running some of the most high-volume, mission critical supply chains in the world with extremely stringent uptime and security requirements
  • Responsible for product security for solutions used by many global or fortune 500 companies
  • Given the rapid growth in cyber security threats, data protection requirements, and the increased complexity in our product and technology offerings such as SaaS, OT, and artificial intelligence the need for an experienced leader with the expertise to put in place a comprehensive program to ensure product security across our complex landscape is more critical than ever to ensure we protect both our customers and the company
  • Develop and implement a comprehensive product and operational technology security strategy, policies, and procedures that align with industry best practices and regulatory requirements, integrating these with the company's overall information security framework led by the CISO
  • Collaborate closely with the CISO and their team to align security practices across software products and operational technology systems, ensuring a unified approach to cybersecurity
  • Participate in joint initiatives with the CISO's organization to address broader security concerns and leverage collective expertise
  • Lead and manage a team of product security professionals, providing mentorship, guidance, and support in their day-to-day activities
  • Collaborate with product development and operational technology teams to embed security practices into the lifecycle of both software and hardware components, from design to deployment
  • Oversee the integration of operational technology security into the company's existing cybersecurity framework, addressing unique challenges and standards relevant to industrial control systems
  • Conduct thorough security assessments and risk analysis for new and existing products and operational technologies, identifying vulnerabilities specific to software, hardware, and PLCs
  • Stay updated on the latest security threats, vulnerabilities, and industry trends to proactively address emerging risks and enhance the security posture of our products
  • Work closely with legal and compliance teams to ensure compliance with relevant data protection and privacy regulations, such as GDPR, CCPA, and HIPAA
  • Develop and maintain specialized training programs and awareness campaigns addressing the unique security needs of operational technology and PLCs
  • Establish and maintain relationships with external security experts, vendors, and partners to leverage their expertise and stay abreast of the evolving threat landscape
  • Collaborate with customer-facing teams to address customer inquiries, concerns, and security-related incidents promptly and effectively
  • Oversee the implementation and maintenance of security controls, technologies, and tools, such as vulnerability scanners, penetration testing, and secure coding practices
  • Conduct regular security audits and assessments to identify gaps, recommend improvements, and ensure ongoing compliance with industry standards
  • Prepare and deliver executive-level reports and presentations on the state of product security, key metrics, and progress towards security goals
  • Foster a culture of security awareness and education within the organization through training programs, workshops, and awareness campaigns
  • Establish and maintain a Security Operations Center (SOC) to monitor all security aspects of the product environment
  • Ensure compliance with relevant regulations impacting both software and operational technology, such as GDPR, NIS-2, the EU Cyber Resilience Act, and industry-specific standards like ISA/IEC 62443
  • Lead and respond to security audits ensuring compliance and continuous improvement in security practices
  • Provide comprehensive security updates to Dematic executive leadership and the board of directors, including security efforts, achievements, and strategic plans

Tasks and Qualifications:

  • Bachelor's or Master's degree in computer science, information security, or a related field. Relevant certifications (e.g., CISSP, CISM, CSSLP) are highly desirable
  • Proven experience (8+ years) in product security, cybersecurity, or a related field, with a track record of successfully leading security initiatives in a SaaS environment
  • In-depth knowledge of security frameworks, standards, and best practices, such as ISO 27001, NIST Cybersecurity Framework, OWASP Top Ten, and secure software development practices (e.g., SDL, DevSecOps)
  • Strong understanding of cloud-based infrastructure, web application security, network security, encryption, authentication, and access control mechanisms
  • Familiarity with relevant data protection and privacy regulations (e.g., GDPR, CCPA) and their implications for SaaS products
  • Experience in managing and leading a team of security professionals, including hiring, performance management, and professional development
  • Excellent communication and interpersonal skills, with the ability to effectively collaborate with technical and non-technical stakeholders at all levels of the organization
  • Proven analytical and problem-solving abilities, with the ability to think strategically and make sound decisions in a fast-paced environment
  • Strong project management skills, with the ability to prioritize tasks, manage multiple projects simultaneously, and meet deadlines
  • Demonstrated commitment to ongoing learning and professional development in the field of product security

The pay range for this role is estimated to be $200,000.00 - $300,000.00 at the time of posting and will be eligible for incentive compensation in accordance with company practices. Final compensation will be determined by various factors such as work location, education, experience, knowledge, and skills.