Cybersecurity Director – Product Security Solutions

Company: AstraZeneca
Location: Gaithersburg, MD, USA
Salary: $160313.6 – $240470.4
Type: Full-Time
Degrees: Bachelor’s
Experience Level: Senior, Expert or higher

Requirements

  • Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • 8+ years of experience in security, with at least 3 years in a leadership role focusing on product or software security.
  • Expertise in secure software development, application security, threat modeling, vulnerability management, and penetration testing.
  • Strong understanding of common security threats (e.g., OWASP Top 10), attack vectors, and mitigation strategies.
  • In-depth knowledge of DevSecOps security tools and techniques for code analysis, vulnerability scanning, and risk assessment.
  • Experience working with cross-functional teams, especially product management, engineering, and operations, to integrate security into the product lifecycle.
  • Strong problem-solving and analytical skills with the ability to translate technical concepts to business leaders and non-technical team members.
  • Excellent interpersonal skills, both written and verbal, with the ability to clearly convey complex security topics to a wide audience.

Responsibilities

  • Partner with product development, engineering, DevOps, and other teams to identify security requirements, influence design decisions, and ensure security best practices are followed throughout the development lifecycle.
  • Lead the vision, roadmap, engineering, and execution of the product security strategy, ensuring the development of trust-by-design products and services.
  • Collaborate with product teams and be responsible for the identification, prioritization, and mitigation of security vulnerabilities and issues. Lead and coordinate efforts for secure code reviews, threat modeling, penetration testing, and vulnerability assessments.
  • Assess security risks across product portfolios and recommend remediation strategies while balancing business and technical needs.
  • Implement and carry out secure development lifecycle practices including tooling, ensuring products are designed and developed with security built in.
  • Lead initiatives to increase security awareness and knowledge among engineers and product teams through training, workshops, and the development of security resources.
  • Ensure adherence to relevant regulatory requirements and industry best practices related to product security (e.g., GDPR, SOC2, OWASP).
  • Build, mentor, and lead a high-performing product security team. Cultivate a culture of security excellence and innovation.

Preferred Qualifications

  • Master’s degree in Information Security, Computer Science, or a related field.
  • Industry certifications such as CISSP, CISM, or CEH.
  • Hands-on experience with security frameworks, tools, and methodologies (e.g., SAST, DAST, threat modeling).
  • Familiarity with cloud security and DevSecOps practices.
  • Experience leading security initiatives in agile and fast-paced development environments.
  • Knowledge of industry standards and regulations (e.g., ISO 27001, NIST, SOC2).