Director, Product Security

Location: Remote, East Coast USA Department: Security and Compliance Joining Collibra’s Product Security team You will lead the high-stakes mission of embedding security into the very DNA of our software development lifecycle. As the primary champion of our security guardrails, you will manage a high-performing engineering team dedicated to protecting our LLM-powered features, Kubernetes clusters, and the brand trust our customers rely on. You are the shield ensuring our platforms are Secure-by-Design and Secure-by-Default at an enterprise scale. The Director, Product Security at Collibra is responsible for Strategic Engineering Partnership: Partnering with engineering teams to embed automated security testing (SAST/DAST/SCA) into CI/CD workflows and IDEs, driving adoption through developer-friendly tooling and technical guardrails for multi-cloud and Kubernetes environments. AI Supply Chain Security: Implementing NIST and OWASP AI frameworks for LLM features and managing the Software Bill of Materials (SBOM) to mitigate supply chain risks. Vulnerability Threat Management: Leading the PSIRT process, managing the Bug Bounty program, and overseeing offensive security efforts like penetration testing and threat modeling. Compliance Audit Readiness: Owning product security controls for FedRAMP, SOC 2, and ISO 27001, ensuring all practices are audit-ready and operationalized. Leadership Enablement: Managing the product security budget, vendor relationships, and developer enablement programs to ensure security is a shared responsibility across the org. Give-and-Get: You mentor your team to technical excellence while holding them accountable for the security of every line of code. Embrace Ambiguity: You translate complex technical threats into clear business risks for executive stakeholders. Lead with Confidence: You represent Collibra’s security posture to the world’s most demanding enterprise customers. You have Technical Leadership Experience: 7 to 10 years of proven track record of managing high-performing security engineering teams in a modern SaaS or microservices environment. Deep SDLC Expertise: Extensive experience integrating security tooling (SAST, DAST, SCA) directly into automated developer workflows and container orchestration. AI/ML Security Knowledge: Hands-on experience with emerging AI security standards and securing data pipelines for LLM-powered features. Incident Response Mastery: Experience leading a PSIRT, managing public disclosures (CVEs/VEX), and triaging production vulnerabilities under pressure. Regulatory Fluency: Strong understanding of security control requirements for FedRAMP, STIG, and other major enterprise compliance frameworks. A bachelor’s degree or equivalent related working experience is required. This position is not eligible for visa sponsorship. Because this role supports the US government, it is required that this candidate be a US citizen who resides on US soil. You are A Technical Diplomat: Able to explain complex security vulnerabilities to non-technical stakeholders in Legal, Sales, and Marketing without losing them. Risk-Oriented: Skilled at translating technical debt into business risk to help executives make informed investment decisions. A High-Trust Mentor: Dedicated to building a culture of technical excellence and career growth within a hybrid team environment. Composed Under Fire: Calm and structured when leading responses to production threats or high-stakes customer escalations. Architecturally Minded: Someone who looks at software through the eyes of an attacker to identify flaws before they reach production. Measures of success Within your first month, you will audit our current SDLC security integrations, establish relationships with key Engineering leads, and take over the management of our existing security tooling portfolio. Within your third month, you will have optimized our vulnerability ingestion pipelines, refreshed the threat modeling program for our AI initiatives, and established a clear roadmap for security of AI powered development, as well as our AI native and Agentic AI empowered products. Within your sixth month, you will drive a measurable reduction in manual security toil through automation, successfully lead a major penetration testing cycle, and serve as the primary security signatory for all production releases. Compensation for this role The standard base salary range for this position is $224,000.00 - $280,000.00 per year. This position is not eligible for additional commission-based compensation. Salary offers are based on a combination of factors, including, but not limited to, experience, skills, and location. In addition to base salary, we offer equity ownership at every level, bonus potential, a Flex Fund monthly stipend, pension/401k plans, and more. Benefits at Collibra Collibra recognizes and values that everyone has different needs, interests, and life goals. We built our benefits program with flexibility in mind to support you and your loved ones through a diverse range of circumstances and life events. These flexible offerings sit on a foundation of competitive compensation, health coverage, and time off. Learn more about Collibra’s benefits . We create inclusion and belonging through how we onboard, meet, connect, engage, and communicate. Learn more about diversity, equity, and inclusion at Collibra. At Collibra, we’re proud to be an equal opportunity employer. We realize the key to creating a company with a world-class culture and employee experience comes from who we hire and creating a workplace that celebrates everyone. With this, we proudly consider qualified applicants without regard to race, color, religion, creed, gender, national origin, age, disability, veteran status, sexual orientation, pregnancy, sex, gender identity, gender expression, genetic information, physical or mental disability, HIV status, registered domestic partner status, caregiver status, marital status, veteran or military status, citizenship status or any other legally protected category. If you have a need that requires accommodation, let us know by completing our Accommodations for Applicants form .