Senior Director, Digital Product Security - REMOTECome Make the World With Us
It takes great people to achieve greatness. People with a sense of purpose and integrity. People with a relentless pursuit of excellence. People who care about making things better For Those Who Make The World™. Sound like you? Join our top-notch team of 54,000+ professionals in 60 countries who are making their mark on some of the world's most beloved brands, including DEWALT, CRAFTSMAN, STANLEY, BLACK+DECKER, IRWIN, LENOX and more.What You'll Do
As a Senior Director, Digital Product Security, you'll be part of our Digital Product CyberSecurity team located remotely.
You'll get to:
Who You Are
- Mentor and guide digital product leadership and business stakeholders on cybersecurity in mitigating risks, strengthening defenses, and reducing vulnerabilities in SBD products.
- Lead a team of security governance, engineering and operational professionals responsible for Digital Product Security program planning, advise on secure design, training development, digital product vulnerability and risk management, attack mitigation, pen testing, R&D, and ongoing support of cybersecurity services to fulfill business needs.
- Interact with customers (internal and external) by presenting cybersecurity concepts within SBD digital products and services and managing concerns over industry security risks and events.
- Work closely with security subject matter experts. Develop and nurture digital product security team members by motivating, mentoring, and assisting in hiring critical talent.
- Lead the development, operations, and support of diverse cybersecurity tools, processes and services to support SBD's secure digital product development and innovation.
- Drive Cybersecurity education and training with SBD's global digital product and engineering teams with the objective to instill a mindset and culture of secure development.
- Effectively manage cross-functional internal and external team collaboration and communications.
- Prioritization, planning of projects, stakeholder management, and continuing the leadership of an established Digital Product Security Council.
- Respond to and assist with due diligence and internal / external security audit requests.
- Work closely with research and product development teams, undertake research of threat vectors, and provide mitigation strategies.
- Implement software, data, and digital product security solutions in accordance with industry accepted standards and the internally developed Cyber Verified program.
- Manage staff, including goal setting, annual reviews, compensation planning, and career development.
You always strive to do a good job...but wouldn't it be great if you could do your job and do a world of good? You care about quality - at every level. You love to learn and grow and be acknowledged for your valuable contributions. You're not intimidated by innovation. In fact, you embrace it.
You also have:
What You'll Receive
- Detailed understanding in range of security domains: software, data and digital product protection, threat modelling, encryption and related security controls
- Knowledge of governance, risk and compliance frameworks and methodologies
- Experience with security of cloud native applications, distributed computing and embedded systems
- Experience delivering highly available security solutions
- Possess software development skills/experience specifically related to implementation of security requirements and secure coding standards.
- Industry recognized Security Certifications e.g. ISC2 CISSP, SANS GIAC, Offensive Security OSCP.
- Demonstrated history engaging senior leaders in Cybersecurity concepts, program delivery and in creating visual expressions of improved security posture
- History of developing action plans from external 3rd party Cybersecurity assessments
- Expert level knowledge of globally accepted product security principles, compliance standards, and technologies.
- Applied knowledge of risk management concepts at the enterprise level
- Experience designing and implementing security solutions
- Knowledge of network security that pertains to communications, computer system environments and related infrastructures.
- Knowledge of server and desktop configurations that will protect systems from unauthorized access and software invasion.
- Knowledge of embedded system security and mobile application development
- Preferred certification: CISSP, GIAC, CISA SSCP or, CEH
- Undergraduate degree and 10+ years relevant experience, or
- Graduate degree and 8-10 years relevant experience.
You'll receive a competitive salary and a great benefits plan:
How you'll feel:
- Medical, dental, life, vision, wellness program, disability, 401(k), Employee Stock Purchase Plan, paid time off and tuition reimbursement.
- Discounts on Stanley Black & Decker tools and other partner programs.
We want our company to be a place you'll want to be - and stay. Being part of our team means you'll get to:
- Grow: Be part of our global company with 20+ brands to grow and develop your skills along multiple career paths.
- Learn: Have access to a wealth of learning resources, including our Lean Academy, Coursera® and online university.
- Belong: Experience an awesome place to work, where we have mutual respect and a great appreciation for diversity, equity and inclusion.
- Give Back: Help us continue to make positive changes locally and globally through volunteerism, giving back and sustainable business practices.
What's more, you'll get that pride that comes from empowering makers, doers, protectors and everyday heroes all over the world. We're more than the #1 tools and storage company and #2 security solutions provider, with a leading presence in engineered fastening. We're visionaries. Industry 4.0 innovators. As successful as we've been in the past, we have so much further to go. That's where you come in. Join us!#LI-AH1
All qualified applicants to Stanley Black & Decker are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran's status or any other protected characteristic.