Product Security and Privacy Architect (Austin, TX, US, 78753)

ASSA ABLOY·Remote(United States)
Legal & Compliance

WFA Digital Insight

As the demand for cybersecurity experts continues to rise, with a 25% increase in job postings in the past year, companies like ASSA ABLOY are looking for skilled professionals to lead their security and privacy efforts. The Product Security and Privacy Architect role is particularly interesting, as it requires a unique blend of technical expertise and strategic thinking. With the rise of remote work, companies are looking for candidates who can work independently and collaboratively to ensure the security and integrity of their products. Candidates should be aware that this role requires a strong foundation in security and privacy principles, as well as excellent communication and leadership skills.

Job Description

About the Role

The Product Security and Privacy Architect will play a crucial role in ensuring the security and privacy of ASSA ABLOY's products. As a member of the Product Security and Privacy team, you will be responsible for leading day-to-day security and privacy architecture governance, defining corporate-wide security and privacy requirements, and providing expert input on exploitability, attack paths, and mitigation options. You will work closely with cross-functional teams to ensure that security and privacy are integrated into all aspects of product development.

The successful candidate will have a strong technical background, with experience in software security, application security, or security architecture. You will be responsible for defining corporate-wide security and privacy requirements, controls, and standards, as well as leading the development of AI-enabled security and privacy architecture capabilities.

What You Will Do

  • Lead day-to-day security and privacy architecture governance, escalating and obtaining approval from the Chief Product Security and Privacy Architect as required
  • Define corporate-wide security and privacy requirements, controls, and standards
  • Define corporate-wide Secure Coding, third-party, deployment policies, and other architecture-related standards
  • Define required training content for security and privacy
  • Define paved roads/security and privacy-by-design patterns and libraries
  • Lead the development of AI-enabled security and privacy architecture capabilities, including defining use cases, requirements, and success criteria
  • Own the threat modeling framework and quality bars
  • Run and approve security and privacy architecture reviews
  • Lead audit and assessment planning, evidence of expectations, and defensibility
  • Be responsible for tooling selection and integration related to security and privacy architecture domain
  • Architect compliance, analyzing new regulations and standards to identify gaps in the platform's capabilities, standards, and controls
  • Assess new acquisitions' architecture and contribute to due diligence on a needed basis

What We Are Looking For

  • Master's Degree in computer science or similar qualifications
  • At least 3 years of experience in software security, application security, or security architecture
  • At least 7 years of hands-on software engineering, QA, or DevOps experience earlier in career
  • At least one security or privacy certification (CISSP, CIPT, CSSLP, CEH, etc.)
  • Proven ownership of at least one of: threat modeling program, secure design review governance, audit evidence management, security tooling strategy, penetration testing program, or similar
  • Experience contributing to at least one Secure Software Development Lifecycle (SSDL) program, either as a security architect, security champion, or similar role
  • Working knowledge of general principles of application security
  • Working knowledge of threat modeling principles
  • Working knowledge of security standards (OWASP, ISO, NIST, etc.)
  • Knowledge of security regulations, such as the Radio Equipment Directive (RED), Cyber Resilience Act (CRA), etc.

Nice to Have

  • Experience with AI-enabled security and privacy architecture
  • Experience with cloud security and compliance
  • Experience with security and privacy-by-design principles
  • Experience with threat modeling and secure coding practices

Benefits and Perks

  • Competitive salary and benefits package
  • Opportunity to work with a leading company in the security and privacy industry
  • Collaborative and dynamic work environment
  • Professional development opportunities
  • Remote work options
  • Flexible working hours
  • Access to cutting-edge technology and tools
  • Recognition and reward for outstanding performance

How to Stand Out

  • Make sure to highlight your experience with security and privacy architecture, including any relevant certifications or training.
  • Be prepared to provide examples of your experience with threat modeling, secure coding practices, and security standards.
  • Show a thorough understanding of security regulations and compliance requirements.
  • Demonstrate your ability to work independently and collaboratively as part of a cross-functional team.
  • Prepare to discuss your experience with AI-enabled security and privacy architecture, as well as your knowledge of cloud security and compliance.
  • Be ready to provide examples of your problem-solving skills and ability to think critically and strategically.
  • Research the company and the role thoroughly, and be prepared to ask informed questions during the interview process.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.