ASSA ABLOY Door Security Solutions

Product Security and Privacy Architect

Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Master's Degree in Computer Science or related field.
  • 3+ years in software/product security or security architecture.
  • 7+ years of hands-on experience in software engineering, QA, or DevOps.
  • At least one relevant security or privacy certification is preferred.
  • Experience in managing security tool strategies or programs including threat modeling.

Responsibilities

  • Lead daily governance of security and privacy architecture.
  • Define company-wide security requirements and standards.
  • Develop secure coding and deployment policies.
  • Establish training content for security practices.
  • Oversee security architecture reviews and audits.
  • Manage tooling selection and integration for security architecture.
  • Architect compliance with regulations and standards.

Benefits

  • Competitive benefits and annual leave for work-life balance.
  • Vibrant, inclusive workplace culture.
  • Extensive career development opportunities.
  • Part of a pioneering global organization in security technology.
Full Job Description
An Amazing Career Opportunity for a Product Security and Privacy Architect!!

Location: Remote (US & Europe)

Job ID: 47563

As part of the Product Security and Privacy team, reporting to the Chief Product Security & Privacy Architect, you will support product teams in adopting and implementing HID's security and privacy program.

Accountable for the quality, consistency, and defensibility of all security & privacy related artifacts you guarantee that outputs are "audit-ready," and not just "done."

You will have opportunities to work on a very wide portfolio of applications based on different technologies (Web, Embedded, Mobile, Desktop) within a very diverse and international context covering all five HID Business Areas.

As our Product Security and Privacy Architect, you'll support HID's success by:
  • Leading day-to-day security/privacy architecture governance, escalating and obtaining approval from the Chief Product Security & Privacy Architect as required.
  • Defining corporate wide security and privacy requirements, controls, and standards.
  • Defining corporate wide Secure Coding, third-party, deployment policies & other architecture-related standards.
  • Defining required training content.
  • Defining paved roads/security and privacy-by-design patterns and libraries.
  • Leading development of AI-enabled PSP Architecture capabilities: define use cases, requirements, and success criteria.
  • Owning the threat modeling framework and quality bars.
  • Running/approving security & privacy architecture reviews.
  • Leading audit/assessment planning, evidence of expectations, and defensibility.
  • Being responsible for tooling selection and integration related to security & privacy architecture domain.
  • Architecting compliance, analyzing new regulations and standards to identify gaps in the platform's capabilities, standards, and controls.
  • Assessing New Acquisitions Architecture and contributing to due diligence on a needed basis.
  • Providing recommendations for risk acceptance and exception requests.
  • Providing input on tooling strategy and integration guidance for non-architecture related domains.
  • Providing guidance on security requirements for supply chain tooling, pipeline architecture, and associated standards.
  • Validating that platform architecture enables enforcement of PSP security controls.
  • Providing expert input on exploitability, attack paths, and mitigation options during Incident handling process
  • Providing guidance on true risk vs noise for security tool outputs and penetration tests.
  • Providing subject-matter depth during training delivery: advanced Q&A, edge cases, Offer office hours or follow-ups for complex topics


Your Experience and Background include:
  • Master's Degree, computer science, or similar qualifications.
  • At least 3 years in software/product security, application security, or security architecture
  • At least 7 years of hands-on software engineering / QA / DevOps earlier in career (or equivalent).
  • At least one security or privacy certification (CISSP, CIPT, CSSLP, CEH, ...) is a plus.
  • Proven ownership of at least one of: threat modeling program, secure design review governance, audit evidence management, security tooling strategy, penetration testing program or similar.
  • Experience contributing to at least one Secure Software Development Lifecycle (SSDL) program, either as a security architect, security champion, or similar role.
  • Working knowledge of general principles of application security
  • Working knowledge of threat modeling principles.
  • Working Knowledge of security standards (OWASP, ISO, NIST, ...).
  • Knowledge of security regulations, such as the Radio Equipment Directive (RED), Cyber Resilience Act (CRA), Federal Information Processing Standards (FIPS), and Common Criteria (CC) or equivalent.
  • Good understanding of cryptographic principles, including algorithms, key management, and protocols.
  • Experience using security tools (SAST, DAST, SCA, Vulnerability Scanners, Secret Scanners).
  • Hands-on experience in at least one, preferably more, of these application domains:
    • Embedded device Security
    • Mobile security
    • Web & API security
    • Desktop security
  • Experience with Agile/SAFe Methodology is preferred.
  • Experience with usage of AI tools in the context of a security program is preferred.
  • Cloud infrastructure, Supply Chain, and deployment Security is preferred.


What we can offer you:
  • Competitive salary and rewards package
  • Competitive benefits and annual leave offering, allowing for work-life balance
  • A vibrant, welcoming & inclusive culture
  • Extensive career development opportunities and resources to maximize your potential
  • To be a part of a global organization that is pioneering the hardware, software and services that allow people to confidently navigate the physical and digital worlds


Why apply?
  • Empowerment: You'll work as part of a global team in a flexible work environment, learning and enhancing your expertise. We welcome an opportunity to meet you and learn about your unique talents, skills, and experiences. You don't need to check all the boxes. If you have most of the skills and experience, we want you to apply.
  • Innovation: You embrace challenges and want to drive change. We are open to ideas, including flexible work arrangements, job sharing or part-time job seekers.
  • Integrity: You are results-orientated, reliable, and straightforward and value being treated accordingly. We want all our employees to be themselves, to feel appreciated and accepted.


The wage range for this role considers a broad scope of factors that are considered when making compensation decisions, including but not limited to: skill sets, experience and training, licensure and certifications, and other business and organizational needs. The disclosed range does not account for geographic differentials based on the location where the position may be filled. At HID, it is uncommon for individuals to be hired at or near the top of the range. Final compensation decisions depend on the specific facts and circumstances of each case.

The base salary in the United States is $140,000 USD to $160,000 USD.

This opportunity may be open to flexible working arrangements.

#LI-HIDGlobal

About ASSA ABLOY Door Security Solutions

ASSA ABLOY Door Security Solutions is a division of ASSA ABLOY, the global leader in access solutions. The company provides a wide range of door security and safety solutions for commercial and institutional customers. Its products include locks, door closers, exit devices, electromechanical products, and access control systems. ASSA ABLOY Door Security Solutions operates in North America and has manufacturing facilities in the United States and Canada. The company is committed to sustainability and has implemented various initiatives to reduce its environmental impact.
Learn more about ASSA ABLOY Door Security Solutions
Size
50,000 employees
Industry
Founded
1992

Similar Jobs

More Jobs at ASSA ABLOY Door Security Solutions

  • ASSA ABLOY Door Security Solutions
    Software Development Manager
    $120K — $150K *
    Phoenix, AZ 85032 (Maricopa County)
    Information Technology
    In-Person
  • ASSA ABLOY Door Security Solutions
    Value Stream Manager
    $90K — $120K *
    Mocksville, NC 27028 (Davie County)
    Manufacturing & Automotive
    In-Person
  • Sales Manager
    $98K — $108K *
    Austin, TX 78745 (Travis County)
    Technical Services
    In-Person
  • ASSA ABLOY Door Security Solutions
    BI Analyst / Developer
    $70K — $95K *
    Monroe, NC 28110 (Union County)
    Enterprise Technology
    In-Person
  • ASSA ABLOY Door Security Solutions
    Quality Manager
    $80K — $110K *
    Monroe, NC 28110 (Union County)
    Manufacturing & Automotive
    In-Person

More Information Technology Jobs

Find similar Product Security and Privacy Architect jobs: