Position Details

Salary $170K – $195K USD / year

Type Full-Time

Experience executive

Exp. Years Not specified

Education Not specified

Category Cybersecurity

About this role

Lead product security strategy for a cloud-native SaaS serving millions, guiding secure-by-design practices across the SDLC. Set standards for AWS-based systems, APIs, mobile applications, and AI-enabled features while partnering with engineering to reduce systemic risk.

Key Responsibilities

Execute forward-looking product security strategy
Own and mature the secure SDLC (threat modeling, design reviews, application security testing)
Establish standards for securing AWS-based cloud-native systems, APIs, mobile applications, and AI-enabled features
Drive measurable reductions in systemic risk and security debt
Prioritize security work based on risk and business impact

Technical Overview

This role owns and matures the secure SDLC, including threat modeling, security and privacy design reviews, application security testing, and software supply chain protections. It also establishes production controls and security standards for AWS-based cloud-native architectures, with coverage extending to APIs, mobile applications, and AI-enabled features.

Ideal Candidate

The ideal candidate is a senior product security leader who can set and mature a secure-by-design program across the secure SDLC. They have strong AWS cloud security expertise, lead threat modeling and application security testing, and establish security and privacy standards that translate strategy into engineering execution for a cloud-native SaaS organization.

Must-Have Skills

secure SDLCthreat modelingapplication security testingsoftware supply chain protectionssecure-by-design practicesestablish standards for securing AWS-based cloud-native systemsrisk-based prioritization

Nice-to-Have Skills

security and privacy design reviewsproduction controlsmobile application securityAI-enabled features security

Tools & Platforms

AWS

Required Skills

Product Securitysecure SDLCthreat modelingsecurity and privacy design reviewsapplication security testingsoftware supply chain protectionsproduction controlsAWS-based cloud-native systemsAPI securitymobile application securityrisk-based prioritizationsecurity debt reductioncloud securityprivacyAI-enabled features security

Hard Skills

secure SDLCthreat modelingsecurity design reviewsprivacy design reviewsapplication security testingsoftware supply chain protectionsproduction controlsAWS-based cloud-native systemssecure-by-design practicesAPI securitymobile application securitycloud securityapplication securityprivacyAI-enabled features securitysecurity strategyrisk-based prioritizationsecurity debt reductioncloud-native SaaS ecosystem securitysecurity and privacy threats

Soft Skills

leadershipbuild strong teamsinfluencing stakeholderscross-functional partnershipclaritythoughtful collaborationhigh standardsrisk-based decision makingmeasurable impact focuscommunication

Industry & Role

Industry Education

Job Function Direct product security strategy and execution across the secure software development lifecycle.

Role Subtype Security Architect

Tech Domains Amazon Web Services, Cybersecurity

Keywords for Your Resume

Senior Engineering DirectorProduct Securitysecure SDLCthreat modelingsecurity and privacy design reviewsapplication security testingsoftware supply chain protectionsproduction controlssecure-by-designrisk-based prioritizationsecurity debtAWS-based cloud-native systemscloud securityapplication securityprivacyAPIsmobile applicationsAI-enabled featuressecure development lifecyclesecurity strategysecurity engineering leadershipcloud-native SaaSremoteAWSprivacy design reviews

Deal Breakers

Cannot demonstrate leadership of secure-by-design / secure SDLC practices, No experience establishing standards for AWS-based cloud-native systems

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile

Senior Engineering Director, Product Security

Get matched to jobs like this