Social network you want to login/join with:
Senior Manager Product Security - SaaS, Barcelona
Client:
Location: Barcelona, Spain
Job Category: Other
-
EU work permit required: Yes
Job Views:
2
Posted:
27.04.2025
Expiry Date:
11.06.2025
Job Description:
Our client, a leading Enterprise SaaS company, is looking for a security leader to lead a global security team responsible for product and infrastructure security.
Experience
* Minimum of 5 years of experience in product security and application security.
* Hands-on experience designing and deploying security controls across all security domains, such as access management, data protection, vulnerability management, incident response and management, application security, network security, and preventive, detective, and offensive security solutions.
* Deep understanding of security principles, techniques, and technologies such as OWASP Top 10, SANS Top 25, encryption, identity and access management, network security, and cloud security.
* Familiarity with compliance frameworks and standards, such as ISO 27001, SOC 2, GDPR, and CCPA.
* An understanding of Application Security threats and countermeasures.
* Practical knowledge of security technologies, especially those applying to SaaS web applications and wider business solutions, including Firewalls, IDS/IPS, Identity and access management, SIEM, Data Loss Prevention, BCP, and Cloud Security.
* Bachelor's or Master's in Computer Science, Information Security, or a related field.
* Relevant security certifications (e.g., CISSP, OSCP, CEH) are a plus.
Role responsibilities
* Lead the company's development and implementation of a comprehensive product security strategy.
* Manage and mentor a team of security engineers and analysts, providing guidance and direction for their professional growth.
* Identify, develop, implement, and maintain security programs and processes across product development and production environments.
* Oversee critical cybersecurity areas, including incident response, disaster recovery, awareness, monitoring, remediation, information governance, and digital security.
* Lead all product security operations that protect against immediate threats and respond when something goes wrong.
* Enhance product security programs and capabilities to an industry-leading position, continuously improving approaches and guiding the team.
* Build strong relationships within product, engineering, and operations teams to implement security controls to protect applications, infrastructure, and data.
* Develop and enforce security policies and procedures based on industry best practices.
* Partner with executive leadership to ensure security is integrated into application and platform development, with ongoing investment in cybersecurity.
* Collaborate with internal stakeholders to stay informed about technological and business changes impacting security.
* Support compliance with standards like SOC2, HIPAA, PCI, NIST800-171, ISO27001/277001, and Fed RAMP, including audit evidence provision.
* Lead incident response and post-mortem activities for security breaches, coordinating with Legal, Security, and Privacy teams.
* Conduct hands-on security assessments, code reviews, and penetration testing to identify vulnerabilities.
#J-18808-Ljbffr