Director - Digital Product Security and Operations
The Job: The Director of Digital Product Security and Operations will lead a global team responsible for the security, compliance, and operational excellence of our Digital Solutions offerings for Construction Technology. This leadership role ensures the confidentiality, integrity, and availability of our systems and data, driving a culture of collaboration, automation, and continuous improvement. The successful candidate is passionate about delivering robust, secure, and scalable digital solutions and thrives in a collaborative, cross-functional environment. You will leverage your technical expertise and leadership to solve complex security, DevOps and operational support challenges and drive business outcomes.
You'll get to:
Key Responsibilities:
- Championing DevOps & Operational Support practices
  - Identify and drive automation opportunities to streamline security and operational processes.
  - Advocate for and implement Infrastructure as Code and automated security controls within CI/CD pipelines.
  - Implement a follow-the-sun operational support model.
- Fostering Collaboration and Shared Ownership
  - Break down silos between development, operations, and security team members.
  - Promote open communication and cross-functional teamwork.
  - Establish shared goals and accountability across teams.
- Technical Leadership & Security Architecture
  - Design, develop, and oversee comprehensive security architectures for AWS Cloud environments.
  - Familiarity and hands-on experience integrating security solutions (e.g., GuardDuty, Security Hub, IAM, KMS, CSPM, SIEM, Wiz, and static code analysis tools like Mend) for holistic coverage.
  - Lead the implementation of Infrastructure as Code using tools like Terraform.
- Continuous Learning and Improvement
  - Foster a culture of experimentation, learning from failure, and continuous improvement.
  - Invest in team training, certifications, and knowledge sharing.
  - Stay updated with industry trends and emerging technologies.
- Security and Compliance
  - Integrate security best practices into the DevOps lifecycle (DevSecOps).
  - Lead security strategy for SOC2, NIST, ISO27001, and other regulatory certifications.
  - Architect and oversee GRC processes, including risk assessments, policy development, and remediation tracking.
- Measurement and Data-Driven Decision Making
  - Define and track key metrics to measure DevOps and security success.
  - Use data to drive continuous improvement and optimize workflows.
- Incident Response & Vulnerability Management
  - Develop and guide incident response plans, lead detection and investigation efforts, and coordinate timely resolution and root cause analysis.
  - Architect vulnerability management programs, including regular assessments, penetration testing, and remediation.
- Security Awareness & Enablement
  - Lead organization-wide security awareness initiatives and training.
  - Foster a culture of security through strategic communication and enablement.
- Documentation & Reporting
  - Define and maintain security architecture documentation, controls, incident records, and compliance activities.
  - Prepare executive-level reports for stakeholders and leadership.
The Person: You love to learn and grow and be acknowledged for your valuable contributions. You're not intimidated by innovation. Wouldn't it be great if you could do your job and do a world of good? In fact, you embrace it. You also have:
Education
- Undergraduate degree in computer science, engineering, or a related field (or 6 years equivalent work experience in digital technologies).
- Advanced degrees or certifications in cybersecurity, cloud security, or digital technology are highly desirable.
Experience
- 10+ years of relevant experience in leading digital product security, cloud security architecture, DevOps and operational support.
- Demonstrated experience leading global teams in cloud-native software development and delivery environments (AWS, Azure, Google Cloud).
- Mastery of automation tools and Infrastructure as Code (Terraform, Ansible, CloudFormation).
- Hands-on experience with CI/CD pipelines and tools.
- Highly desired: a proven track record in achieving and maintaining compliance with SOC2, NIST, ISO27001, and similar standards.
- Strong background in incident response, vulnerability management, and GRC processes.
- Experience collaborating with external partners, vendors, and cross-functional teams.
Core Competencies
- Modern cloud-native software development
Leadership Competencies
- Driving Digital Innovation
- Operating From a Global Perspective
The Details: You'll receive a competitive salary and a great benefits plan, including:
- Medical, dental, life, vision, disability, 401(k), Employee Stock Purchase Plan, paid time off, and tuition reimbursement in addition to programs & benefits in support of your well-being.
- Discounts on Stanley Black & Decker tools and other partner programs.
And More: We want our company to be a place you'll want to be - and stay. Being part of our team means you'll get to:
- Grow: Be part of our global company with 20+ brands to grow and develop your skills along multiple career paths.
- Learn: Have access to a wealth of learning resources, including our digital learning portal.
- Belong: Experience an awesome place to work, where we have mutual respect and a great appreciation for a wide range of perspectives and experiences.
- Give Back: Help us continue to make positive changes locally and globally through volunteerism, giving back, and sustainable business practices.
The Salary range for this position is $134,300.00 - $231,700.00
- This is the lowest to highest annual full-time salary range we would pay for this role at the time of this posting. The salary offered within the range may vary depending on multiple factors including job level, geographic location, job-related knowledge, skills, qualifications, experience and in compliance with local wage requirements. Please note that salary is only one component of total rewards at Stanley Black & Decker.
- The salary range listed in this job posting reflects the range for the primary location specified. The salary range may vary for other locations.
- The successful candidate may be eligible for annual merit increases.