management

Posted 2 weeks ago

Director of Product Security

at Candescent

US Georgia Atlanta Office, Georgia; Remote

Responsibilities

  • Lead the development and execution of secure SDLC and AI development lifecycle (AIDLC) practices across all engineering and data science teams.
  • Conduct specific risk assessments including adversarial attacks, threat modeling, prompt injection, data exfiltration risks, etc. Lead response efforts for application-related and AI security incidents and vulnerabilities.

Requirements

  • This role is responsible for embedding security into the software development lifecycle (SDLC) and AI development lifecycle (AIDLC), partnering with engineering, product data science, AI/ML engineering, and infrastructure teams to ensure secure software design, development, and deployment of Candescent applications.
  • The ideal candidate will be a visionary leader with deep technical expertise in securing software development lifecycles, shift-left security, AI/ML application security, strong business acumen, regulatory compliance awareness, and a proven track record of building and scaling secure development practices in complex SaaS and AI-driven environments.
  • Key Responsibilities and Deliverables
  • Strategic Leadership: Define and drive the product, application and AI/ML security strategy aligned with Candescent’s business and risk objectives for regulated enterprise clients.
  • Serve as a trusted advisor to senior leadership on application security risks, AI/ML security risks, platform security, model governance, trends, and mitigation strategies.
  • Participate in the establishment of AI security governance frameworks that meet regulatory requirements that apply to product and application development (HIPAA, SOC 2, GDPR, CCPA, AI, etc.).
  • Work closely with customer-facing teams to address client product security
  • Partner with legal and compliance teams on relevant product security and AI compliance.
  • Risk Management & Incident Response: Identify and prioritize application and AI security risks through assessments, penetration testing, red teaming and threat intelligence.
  • Provide executive-level reporting on application and AI security posture, KPIs, and risk metrics with regulatory reporting capabilities.
  • Participate in third-party vendor security assessments and AI supply chain risk when required.
  • Qualifications and Experience: Bachelor’s degree in computer science, Information Technology, or equivalent.
  • 10+ years of experience in cloud-first software development environments with an information security focus, with at least 5 years in product security leadership roles.
  • Deep understanding of modern application architectures (e.g. microservices, containers, APIs, cloud-native) and AI architectures.
  • Hands-on experience with secure coding practices, threat modeling, and vulnerability management including AI specific threat modeling.
  • Proficiency with security tools such as SAST, DAST, SCA, and container security platforms plus AI security tools.
  • Strong knowledge of OWASP Top 10, OWASP ML Top 10, OWASP LLM Top 10, CWE, CVE, and secure development frameworks.
  • Experience working in Agile/DevOps environments and integrating security into CI/CD and ML pipelines.
  • Proven ability to lead cross-functional teams and influence at all levels of the organization.
  • Deep understanding of regulatory compliance
  • Preferred Distinctions: Advanced degree in Computer Science, Cybersecurity, or related field.
  • Relevant industry certifications, and/or security certifications as a plus.
  • Experience with cloud security (AWS, Azure, GCP) and infrastructure-as-code security.

Additional details

  • Candescent is a forward-thinking technology company transforming how financial institutions deliver Intelligent Banking experiences.
  • We unite digital banking, account opening, and branch solutions that power and connect digital banking, account opening, and branch solutions—creating seamless engagement across digital, remote, and in-person channels.
  • Our Experience-Led, Intelligence-Driven approach combines human-centered design with data, automation, and cloud-based innovation.
  • Built on an API-first architecture, our extensible ecosystem enables institutions to adapt quickly, integrate easily, and unlock new opportunities for growth—turning every customer interaction into a moment of clarity, confidence, and connection.
  • The Executive Director of Product Security at Candescent will lead the strategic direction, development, and execution of the enterprise-wide product and application security program with specialized focus on Candescent’s SaaS products serving regulated enterprises.
  • requirements for SaaS products serving highly regulated industries.
  • Statement to Third Party Agencies: To ALL recruitment agencies: Candescent only accepts resumes from agencies on the preferred supplier list.
  • Please do not forward resumes to our applicant tracking system, Candescent employees, or any Candescent facility.
  • Candescent is not responsible for any fees or charges associated with unsolicited resumes.
