Semperis

AVP of Product Security

Semperis$130K — $180K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 10+ years of information security experience, with 5+ years in product security or security architecture roles.
  • Demonstrated ability to embed security in the software development lifecycle (SDLC) for software or SaaS.
  • Expertise in security architecture within cloud native and hybrid environments, preferably Azure.
  • Hands-on experience with implementing security controls for AI and ML systems.
  • Experience in building enterprise vulnerability management programs with risk-based prioritization.
  • Proven ability to influence at the executive level, driving alignment across different organizations.
  • Strong communication skills to convey technical risks in business terms.

Responsibilities

  • Establish secure by design standards and target security architecture across product development.
  • Shift security left into product and engineering to minimize late-cycle issues.
  • Build a comprehensive vulnerability management program that includes AI threats.
  • Enable secure adoption of AI across products and internal systems.
  • Define clarity-driven security architecture patterns
  • Own risk-based prioritization and remediation for enterprise vulnerabilities.
  • Lead technical standards consistent across Product, Engineering, and Security teams.
  • Foster collaborative partnerships among Product, Engineering, and Security teams.
  • Recruit and develop a strong team of product security engineers.

Benefits

  • Hybrid work model allowing up to three days in the office and remote work.
  • Executive backing for transformation efforts in security practices.
  • Opportunity to build a product security practice from the ground up.
  • Work in a fast-growing company with a focus on AI security.
Full Job Description


About the Role

We are seeking an AVP of Product Security, reporting directly to the Chief Information Security Officer. This leader will drive security into product development. This is a transformation role to scale company wide efforts across our products, and the right leader will bring a mindset that drives the business forward and with scalability at top of mind. You will drive the approach, patterns, and engagement that embed security through design standards, threat modeling, and automated processes.

The AVP of Product Security will own security architecture and vulnerability management. Architecture sets the standard at design time, and vulnerability management proves whether it held. This holistic approach means you set the direction and you get the data to steer by, with ownership over the environment.

AI is what makes this the moment. It is moving to the core of what we ship and how we build, and you will define how we secure it, from architecture patterns for models and agents to a vulnerability management program built for threats that did not exist two years ago. This is a chance to build the practice, with executive backing and a company growing fast enough to make it count.

What you will be doing:
  • Establish secure by design standards and the target state security architecture across product development, covering threat modeling, secure design review, secure SDLC, and vulnerability management.
  • Shift security left into product and engineering to reduce risk and cost, so that fewer issues surface late in the release cycle where remediation is most expensive.
  • Build a formal vulnerability management program encompassing both traditional vulnerability management and AI. This includes addressing prompt injection, model manipulation and evasion, training data poisoning, model and data exfiltration, insecure model supply chain, and unsafe agentic behavior.
  • Enable secure AI adoption across our products and internal systems.
  • Define security architecture patterns that drive clarity with the business and enable the right guardrails.
  • Own risk based prioritization, remediation SLAs, and executive reporting for enterprise vulnerability management.
  • Provide senior technical leadership and create clear, consistent standards across Product, Engineering, and Security.
  • Build proactive security leadership and trusted partnerships across Product, Engineering, and Security teams.
  • Recruit, develop, and lead a strong team of product security engineers and security architects.

What you will bring to the table:

A proven track record across a variety of large, product driven organizations, with a focus on transformation, scale, and partnering with the business.
  • 10+ years of information security experience, including 5+ years leading product security, security architecture, and/or vulnerability management functions.
  • Proven experience embedding security into the Software Development Lifecycle SDLC at a software or SaaS company, including threat modeling, secure design review, code and dependency scanning, and penetration testing.
  • Deep security architecture expertise across cloud native and hybrid environments (Azure preferred).
  • Hands on experience implementing AI and ML security controls.
  • Experience building or maturing enterprise vulnerability management programs, including risk based prioritization and remediation governance.
  • A track record of influencing at the executive level and driving alignment across Product, Engineering, and Security organizations.
  • Strong communication skills, with the ability to translate technical risk into clear business terms that enable decisions.

Bonus Points:
  • Experience securing agentic AI systems or AI enabled products in production.
  • Familiarity with identity security, Active Directory, and Entra ID.
  • Experience supporting compliance programs such as FedRAMP, SOC 2, ISO 27001, or NIST frameworks.
  • Relevant certifications (CISSP, CSSLP, SABSA, TOGAF).


**Semperis maintains office locations in several cities across the globe. Where the job description specifies a required location, candidates will follow our hybrid work model. This includes working up to three days per week and remotely the remaining days.

About Semperis

Semperis is a cybersecurity company that specializes in identity-driven security solutions for Microsoft enterprise environments. The company was founded in 2013 and is headquartered in New York City, with additional offices in Tel Aviv and London. Semperis' products and services help organizations protect their critical assets from cyber threats, including ransomware, phishing, and other attacks. The company's solutions are used by Fortune 500 companies, government agencies, and other organizations around the world. Semperis is committed to innovation and has received numerous awards for its technology and services.
Learn more about Semperis
Size
100 employees
Industry
Net Income
-$5 million
Founded
2013
5 Year Trend
+50%
Revenue
$10 million
NASDAQ

Similar Jobs

More Jobs at Semperis

More Information Technology Jobs

Find similar AVP of Product Security jobs: