Newfold Digital is looking for a Director, Application and Product Security to lead our technical security strategy. As a technical leader, you will drive Application and Product Security Engineering across development and operations teams for our core customer applications and product platforms. Your mission is to integrate security early in the development lifecycle, guide secure architecture, and reduce security risk by establishing effective guardrails and paved paths.
What You'll Do
- Provide holistic assessments of security layers across infrastructure, application, people, and process.
- Collaborate with product managers, designers, and engineers to threat model and architect secure and resilient systems.
- Review source code against secure coding best practices and contribute security requirements.
- Drive the software design and implementation of security services, tools, and libraries to provide secure defaults.
- Promote security remediations in the CI/CD pipeline by building tools and services for engineers to consume.
- Help build the platform that ensures software development is safe, easy, and low-risk.
- Champion an internal security culture and help engineers understand how security events impact them.
What We're Looking For
- Ability to clearly communicate security topics and vulnerability classes (e.g., OWASP Top Ten) and provide actionable direction to product teams.
- A record of partnering with internal engineering teams to tackle security problems across an entire stack with empathy and creativity.
- Hands-on experience in software engineering projects.
- Working knowledge of modern development concepts (virtualized environments, containerization, continuous integration + delivery).
Nice to Have
- 8 to 10+ years of experience in application security or product security roles.
- Practical understanding and experience with shared and dedicated web hosting at scale.
- Proven professional experience guiding software teams on secure architecture design.
- Working knowledge of network architecture and system architecture, including cloud infrastructure.
- Experience building or reviewing threat models and ability to craft malicious user, attacker, and abuse/misuse cases.
- Working knowledge of hardware and software supply chain security.
Technical Stack
- Java
- Python
- JavaScript
- SQL
- Perl
Team & Environment
You will lead a team collaborating with other security, operations, and software development teams. At Newfold Digital, we believe in improving application and product security by integrating a security mindset early in the development lifecycle. We take pride in collaborating with our customers to serve their online presence needs, and our strength lives in the intersection of our people, our customers, and our brands.
