Product Security Lead - Cloud, Data & AI Security
United States,
New York
Permanent
Job ID: 2538
Job Description
[Up to c. $350k Comp Package | Hybrid Working]
Role Overview
A leading global financial institution is building out a senior product security capability across application, data, cloud and emerging AI security. This is a hands-on leadership role for someone who can shape standards, influence engineering teams and still get close to the technical detail. You’ll lead secure-by-design adoption across software delivery, cloud platforms and data-driven products, helping teams reduce risk early without slowing delivery..
Key Responsibilities
- Lead product security across application, data, cloud and AI-enabled technology environments
- Embed secure design, threat modelling and risk assessment into software and data delivery lifecycles
- Drive DevSecOps maturity through automated controls, CI/CD security testing and practical developer guardrails
- Own application security services across SAST, DAST, SCA, findings triage and remediation prioritisation
- Partner with engineering teams to improve secure coding standards, developer education and vulnerability reduction
- Support data security initiatives across classification, protection, access controls and lifecycle risk
- Advise on secure configuration and control design across IaaS, PaaS and SaaS environments
- Help define secure AI adoption practices covering application, model, data and governance risks
- Lead, coach and develop a product security practice with strong business and engineering alignment
What You’ll Bring…
- 8+ years across product security, application security or software security engineering, ideally within financial services or capital markets
- Hands-on expertise across secure SDLC, DevSecOps, threat modelling and technical design risk assessment
- Proven experience delivering SAST, DAST and software composition analysis programmes at scale
- Strong cloud security knowledge across IaaS, PaaS and SaaS, ideally including Azure, CSPM and SSPM
- Practical understanding of data security controls, ideally including DSPM, data classification and protection workflows
- Secure AI, AI governance, model-risk or AI application security exposure
- Ability to work credibly with engineering, platform, data, cloud and senior security stakeholders
- Track record as a player-coach security leader who can set direction and remain technically close to delivery
- Strong communication, prioritisation and influencing skills in a complex enterprise environment
- (Preferred) Exposure to cloud-native security, container security, API security or software supply-chain security
- (Preferred) Security certifications such as CISSP, CSSLP, CCSP, OSWE, GWAPT or cloud security equivalents
...
Apply for this role
All fields marked with * are required.