• Product Security Director

    Location US-IL-Lincolnshire
    Job ID
  • Overview

    Reporting into the Chief Security Officer (CSO), the Product Security Director has global responsibility for the Global Product & Solutions Security program including the strategy, planning, and execution. They will own the overarching program which will be responsible for ensuring security is integrated into relevant Zebra products and solutions.


    • Strategy:

      • Develop and lead the strategic vision to manage both internal and external risks associated with Zebra products and solutions.
      • Ensure this strategy is aligned with the overall product and solutions strategy.
      • Build out a cost-effective organization of security professionals to support the Global Product & Solutions Security Program.
      • Integrate a product & solutions security strategy into the overall Zebra security strategy.


      • Lead programs to ensure continuous development and improvement of security integration into the product & solutions development lifecycle.
      • Ensure security is pro-actively injected into all levels of the product/solutions development process.
      • Develop and actively lead a Product & Solutions Security steering committee and working group to prioritize efforts, shed light on issues, and work to resolve identified security risks.
      • Work to obtain the right mandate to ensure no new Zebra products or services are launched without the appropriate security involvement.
      • Ensure excellent consistency, documentation, and process across all programs.
      • Proactively advise the business on how to maintain compliance with appropriate regulatory or industry best practices.
      • Manage the budget for the product security function; monitor and report any discrepancies.
      • Ensure talent management and career development for security staff are in place to reduce turn-over.


      • Drive secure development and integration of security features into all phases of hardware and software design and development.
      • Coordinate, participate, and deliver threat modeling for given designs and architectures.
      • Coordinate/participate in and perform design reviews, peer reviews, and code reviews.
      • Contribute to maturing process, policy, and standards guidance.
      • Create a culture where security and risk management are considered foundational rather than afterthoughts.
      • Educate key stakeholders on program, risks, and importance of security in Zebra products & solutions.
      • Work with the business to identify, capture, escalate, and close security vulnerabilities found in Zebra Technologies products and platforms.
      • Leverage tools to deliver vulnerability information back to the development organization for remediation.
      • Coordinate security risk assessments for new products & solutions through the risk assessment team.
      • Maintain a risk register and risk visual with clearly defined owners for each risk.
      • Consult with the internal legal team to resolve potential legal compliance issues.
      • Develop product/solution security frameworks and standards to reduce development cycle of new products and services and to ensure consistency across the different products and platforms.


      • Partner with key product & solutions development leaders to ensure security is incorporated in all customer-facing product offerings.
      • Build solid working relationships with business stakeholders to maintain and improve product and application security processes.
      • Partner with architecture and development leaders to develop shared software frameworks to enable consistent application of secure coding best practices across the enterprise.
      • Collaborate with other departments (e.g., Legal, Internal Audit, HR, etc.) to direct compliance issues to appropriate existing channels for investigation and resolution.
      • Develop a team of business security liaisons across the various business divisions and groups to ensure that product & solution security is top of mind and to gain program breadth, visibility, and control of Zebra’s instrument/device environment.
      • Research latest security best practices when it comes to device/instrument/IoT, staying current on new vulnerabilities and threats and ensure these are addressed in Zebra’s products and services.


    • Preferred Education:
      • Bachelor’s Degree in Science, Technology, Engineering, or Math (Master’s Degree a plus).
    • Preferred Work Experience (years):
      • Minimum of 15+ years of experience in IT or Engineering with 10+ years related work experience with product security, secure software development, risk assessment, or vulnerability management.
      • Past Senior Management, Director, or VP experience managing teams of senior security professionals.
      • CISSP, CISM, CRISC, or other relevant certification highly desired.
    • Key Skills and Competencies:
      • Experience finding and mitigating vulnerabilities in embedded devices.
      • Knowledge of applicable industry standards, leading security practices, and regulatory requirements potentially affecting Zebra’s products and services.
      • Deep understanding of cryptography, authentication, authorization, network security protocols, and web application security.
      • Strong exposure to popular application security standards including OWASP TOP 10, SANS TOP 25, etc.
      • Ability to explain and champion technical concepts to a broad audience focusing on business acumen.
      • Strong attention to detail, organizational skills.
      • Excellent customer service skills required.
      • Strong analytical and product management skills required, including a thorough understanding of how to interpret customer business needs and translate them into application and operational requirements.
      • Excellent verbal and written communication skills and the ability to interact professionally with a diverse group, executives, managers, and subject matter experts.
      • Ability to achieve results by influencing others where no hierarchical (or only “dotted line”) relation exists.
      • Experience managing leaders of others while demonstrating strong leadership and people management skills.
      • Experience managing large scale budgets.
      • Demonstrated ability to translate strategic initiatives.

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share with your network