Product Security Principal

Benefits

Parental leave

Not verified

Non-birth-parent leave

Not verified

Family-building benefits

• Fertility benefits: Not verified
• Adoption assistance: Not verified
• Surrogacy assistance: Not verified

Mental health support

Not verified

Relocation assistance

Not verified

Childcare support

Not verified

Learning budget

Not verified

Verification

Not verified

Salary

Not verified not verified - source not recorded; timestamp not recorded

401(k) match

Not verified

Was this benefit information wrong? Tell us.

Schedule

Shift type

Not verified

Weekend work

Not verified

Application

Cover letter

Not verified

Assessment

Not verified

Deadline

Not stated

Where they hire

State eligibility is not yet verified.

About this role

Product Security Principal 2 Locations Position Title Product Security Principal Location New York, NY 10018 Job Summary Serves as the embedded security subject matter expert and thought lead for assigned product lines within the product operating model framework. Partners with the Technology Line of Business Lead, Business Architect, and Business Unit Risk Manager (BURM) to cultivate a security-first culture, ensuring products are secure from design through deployment. This position is accountable for application-specific security controls, threat modeling, security architecture reviews, secure code practices, and security testing coordination. Responsible for identifying and managing security risks, translating regulatory and policy requirements into actionable control designs, and serving as the clear point of escalation for IT Risk and Cyber domains within the product. Acts with urgency to monitor Key Risk Indicators, manage emerging security issues, and drive real risk reduction outcomes across the product's technology supply chain. Job Responsibilities: JOB RESPONSIBILITIES Cultivates security culture across product, technology, and business teams by embedding threat modeling, security architecture reviews, and secure code practices, ensuring products adopt security controls and are secure from design through deployment. Owns application-specific security requirements, threat modeling, security architecture design, authentication/authorization design, and data classification/handling standards in partnership with Tech Leads and Business Architects. Leads security testing, vulnerability assessments, penetration testing coordination, and security validation activities, tracking security defect remediation and ensuring compliance with secure coding standards. Prepares and delivers Technology Review Board security artifacts including Initial Design Review security assessments, Production Release Review security validation, and security incident response plans.

Read the full description at flagstar.wd5.myworkdayjobs.com. FewerJobs shows a source-linked preview and links to the original posting.