Product Security Manager

We are seeking a skilled and collaborative Product Security Manager to lead and execute our product security initiatives, ensuring our products and platforms are secure, compliant, and resilient against evolving threats. 

Reporting to the Product Security Director, you will work closely with engineering, product management, DevOps, and business stakeholders to embed security best practices throughout the software development lifecycle (SDLC). Your ability to navigate organizational dynamics and influence cross-functional teams will be crucial to delivering impactful security outcomes.

Product Security Leadership 

• Drive the integration of security controls and secure development practices into every phase of the SDLC. 
• Serve as a trusted advisor to product owners, engineers, and DevOps teams, providing expert guidance on security architecture, risk mitigation, and secure coding. 
• Lead security initiatives and projects, balancing business objectives with security requirements. 

Security Program Execution 

• Implement and maintain product security policies, standards, and procedures in alignment with organizational goals and compliance requirements (e.g., PCI DSS, ISO 27001, GDPR). 
• Oversee vulnerability management, including regular assessments, remediation tracking, and reporting. 
• Manage product security incident response, coordinating with relevant teams to identify, analyze, and remediate vulnerabilities and incidents. 

Tooling, Automation, and Innovation 

• Evaluate and deploy application security testing tools, vulnerability management solutions, and security automation pipelines. 
• Identify opportunities to enhance security posture through process improvements and technology adoption. 

Cross-Functional Collaboration & Influence 

• Build strong relationships with engineering, product, and operations teams to champion security initiatives. 
• Participate in sprint planning, design reviews, and product roadmap discussions to ensure security is considered from concept to release. 
• Communicate complex security concepts and risks to both technical and non-technical audiences, fostering a culture of security awareness. 

Training, Mentorship, and Awareness 

• Mentor and guide junior security analysts and engineers, fostering their professional growth. 
• Deliver training and awareness programs on secure development, threat modeling, and emerging risks. 
• Elevate security awareness across the organization by sharing insights, best practices, and lessons learned from security incidents. 

Compliance & Continuous Improvement 

• Ensure products meet or exceed industry regulations and internal standards. 
• Regularly review and update security processes, policies, and documentation to reflect evolving threats and business needs. 
• Support audits and assessments, providing evidence of compliance and driving remediation efforts. 

Requirements

• Extensive experience (5+ years) in product/application security, with a strong track record of leading security initiatives in a technology-driven environment. 
• Deep understanding of secure SDLC, application security principles and best practices (OWASP), threat modeling, vulnerability management, and incident response. 
• Experience with security compliance frameworks (e.g., PCI DSS, ISO 27001, GDPR, SOC 2). 
• Proficiency with application security testing tools (SAST, DAST, SCA), CI/CD pipelines, and cloud security controls. 
• Excellent interpersonal and communication skills, with the ability to influence and build consensus across diverse teams. 
• Demonstrated ability to navigate complex organizational structures and drive cross-functional security initiatives. 
• Strong understanding of cloud security across CSPs, as well as containerization and microservices security.

• Experience working in an agile development environment.
• Strong verbal and written communication in English.
• Flexibility with working hours to accommodate collaboration with international teams.

Nice to have 

• Bachelors or Master’s degree in Computer Science or Information Security.
• Security certifications (e.g., CISSP, CSSLP, CCSP, AWS Solutions Architect, AWS Certified Security) are a plus
• Understanding of AI & contact center industries.

Benefits

• Fixed compensation;
• Long-term employment with the working days vacation;
• Development in professional growth (courses, training, etc);
• Being part of successful cutting-edge technology products that are making a global impact in the service industry;
• Proficient and fun-to-work-with colleagues;
• Apple gear.

Omilia is proud to be an equal opportunity employer and is dedicated to fostering a diverse and inclusive workplace. We believe that embracing diversity in all its forms enriches our workplace and drives our collective success. We are committed to creating an environment where everyone feels welcomed, valued, and empowered to contribute their unique perspectives without regard to factors such as race, color, religion, gender, gender identity or expression, sexual orientation, national origin, heredity, disability, age, or veteran status, all eligible candidates will be given consideration for employment.