Senior Director, Product & Application Security

Posted:
11/20/2024, 1:38:57 AM

Location(s):
California, United States ⋅ Sunnyvale, California, United States

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security

It's fun to work in a company where people truly BELIEVE in what they're doing!

We're committed to bringing passion and customer focus to the business.

Corporate Overview

In today’s cyber threat landscape, protection starts with people. At Proofpoint, that simple truth fuels our passion for protecting users, the data they create, and the systems they rely on from a uniquely people-centric perspective.

And we are just as passionate about finding the right people to help us in that mission. When you join Proofpoint, you are helping to:

  • Build and enhance our proven security platform
  • Blend innovation and speed in a constantly evolving cloud environment
  • Analyze new threats and offer deep insight through data-driven intel
  • Collaborate with customers to help solve their toughest security challenges

We are devoted to helping our customers protect their greatest assets and biggest security risk: their people. That is why we are a leader in next-generation cybersecurity—and why more than half of the Fortune 100 trust us as a security partner.

The Role  

As the Senior Director, Product & Application Security, you’ll have the opportunity to work with world-class security experts and cutting-edge technology to secure our product portfolio.  You will play a pivotal role in leading Proofpoint’s product security strategy, execution, and risk management initiatives. This senior leadership position is responsible for ensuring that security is embedded throughout the entire product development lifecycle, including design, development, testing, and deployment of Proofpoint’s products and services. You will collaborate closely with engineering, product management, core infrastructure, security operations, and executive leadership to ensure that the company's product security posture is industry leading.

Strategic Leadership

  • Define and implement the long-term vision, strategy, and roadmap for product and application security aligned with company objectives and industry best practices.
  • Lead efforts to integrate security into Proofpoint’s Software Development Life Cycle (SDLC) and DevSecOps pipelines, ensuring that security is considered from inception through deployment.
  • Take an adversary perspective to identify, prioritize, and mitigate vulnerabilities in our products across both pre- and post-production environments and establish clear processes for vulnerability management.
  • Develop best-in-class security controls frameworks to enable new initiatives such as our Generative AI efforts.

Team Leadership & Development

  • Manage, mentor, and grow a team of product security engineers and architects responsible for application security testing, vulnerability assessments, and code reviews.
  • Foster a culture of innovation, collaboration, and continuous improvement within the product security organization.

Collaboration & Cross-functional Engagement

  • Partner with product management, engineering, and other relevant teams to ensure that security requirements are clearly defined and implemented within all product offerings.
  • Work closely with legal and compliance teams to ensure product security meets regulatory requirements (e.g., GDPR, CCPA, and other industry-specific regulations).

Security Operations & Risk Management

  • Lead the response to critical product security incidents, vulnerabilities, and threats, ensuring timely mitigation and communication to stakeholders.
  • Oversee threat modeling, vulnerability scanning, and penetration testing to identify and mitigate risks in products and applications.
  • Ensure that security risk assessments are conducted regularly and that remediation efforts are tracked and closed in a timely manner.

Product Security Evangelism

  • Champion security best practices within the organization, driving awareness and education for product teams and stakeholders on secure coding practices and emerging threats.
  • Represent Proofpoint’s product security efforts in customer-facing engagements, providing confidence to clients regarding the security posture of Proofpoint products.

Innovation & Emerging Threats

  • Stay current with emerging threats, vulnerabilities, and security technologies, and incorporate learnings into Proofpoint’s product security strategies.

Drive research and adoption of new security technologies, methodologies, and tools to enhance Proofpoint’s security capabilities.
 

If you like wild growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us!

Consistent with Proofpoint values and applicable law, we provide the following information to promote pay transparency and equity. Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets as set out below. Pay within these ranges varies and depends on job-related knowledge, skills, and experience. The actual offer will be based on the individual candidate. The range provided may represent a candidate range and may not reflect the full range for an individual tenured employee. This role may be eligible for variable pay and/or equity. We offer a competitive benefits package that includes flexible time off, a robust well-being program that provides for 4 global wellbeing days per year, and a 3-week work from anywhere option.

Base Pay Ranges:

SF Bay Area, New York City Metro Area:

Base Pay Range: 232,400.00 - 319,550.00 USD

California (excludes SF Bay Area), Colorado, Connecticut, Illinois, Washington DC Metro, Maryland, Massachusetts, New Jersey, Texas, Washington, Virginia, and Alaska:

Base Pay Range: 186,720.00 - 256,740.00 USD

All other cities and states excluding those listed above:

Base Pay Range: 168,080.00 - 231,110.00 USD

Proofpoint

Website: https://www.proofpoint.com/

Headquarter Location: Sunnyvale, California, United States

Employee Count: 1001-5000

Year Founded: 2002

IPO Status: Public

Last Funding Type: Post-IPO Debt

Industries: Email ⋅ Enterprise Software ⋅ Information Technology ⋅ Network Security ⋅ SaaS