Senior Engineering Director, Product Security

College Board - Technology - Product Security 

Location: 1) This is a fully remote role. Candidates who live near CB offices have the option of being fully remote or hybrid (Tuesday and Wednesday in office). OR 2) This is a hybrid role and requires the candidate to be on-site at CB offices every Tuesday and Wednesday. 

Type: This is a full-time position 

About the Team  

Product Security is a close-knit team of security engineers and technical leaders focused on helping College Board build secure, resilient, cloud-native products. We work closely with product and engineering teams to identify risk early, solve hard security problems, and make secure development practical at scale. Our team brings together deep expertise in application security, cloud security, privacy, and secure engineering, with a strong bias toward partnership, clarity, and real-world impact. We value thoughtful collaboration, high standards, and diverse perspectives, and we believe the best security outcomes come from building trust and working side by side with the teams we support. 

About the Opportunity  

As Senior Director, Product Security, you will shape the security strategy for a modern, cloud-native SaaS ecosystem that serves millions of students and educators. This is a high-impact leadership role for someone who can connect security strategy to engineering execution, build strong teams, and help the organization stay ahead of evolving threats across cloud, application, privacy, and AI-enabled systems. You will guide secure-by-design practices across the software development lifecycle, strengthen trust in our products, and create the structure, priorities, and partnerships needed to raise the bar on product security across the organization. This role is a strong fit for a leader who is energized by building, influencing, and solving complex security challenges in ways that are both technically rigorous and practical for engineering teams. 

In This Role, You Will: 

Provide Strategic Technical Leadership (40%) 

• Execute a forward-looking product security strategy focused on staying ahead of security and privacy threats, not reacting to incidents. 
• Own and mature the secure SDLC, including threat modeling, security and privacy design reviews, application security testing, software supply chain protections, and production controls. 
• Make sound, risk-based prioritization decisions across competing security needs, balancing long-term security investments with urgent product, engineering, and business demands. 
• Establish standards for securing AWS-based cloud-native systems, APIs, mobile applications, and AI-enabled features. 
• Translate emerging threats, abuse patterns, and regulatory expectations into actionable engineering guidance. 
• Drive measurable reductions in systemic risk and security debt. 
• Clarify security priorities and focus the team on the work that delivers the highest risk reduction and business impact. 

Build and Lead a High-Performing Security Engineering Team (30%) 

• Build and evolve a product security organization with clear ownership boundaries and strong collaboration across Product Security Architecture and Information Security. 
• Coach and develop the team members to operate with increasing autonomy, fostering sound security judgment and build a culture of ownership and accountability by empowering team members to make risk informed security decisions. 
• Ensure roles are well-defined, impact-driven, and aligned to current and future business needs. 
• Set and uphold a high bar for technical depth, work quality, and follow-through. 
• Attract and hire exceptional security engineers committed to technical excellence and mission impact. 
• Provide stretch opportunities that expand scope, influence, and technical mastery. 
• Foster a culture where candid feedback, iteration, and growth are expected and normalized. 
• Build an environment where high performers thrive and are sought after across the organization. 

Partner Effectively with Business Stakeholders and Technology Teams (30%) 

• Improve developer experience by making secure choices the default through automation and clear engineering standards. 
• Establish measurable indicators of security effectiveness, including remediation velocity, systemic risk reduction, and declining recurrence of vulnerability classes. 
• Establish security standards and guardrails for AI-enabled product capabilities. 
• Integrate AI-assisted tooling into security workflows to improve secure design, code review, vulnerability triage, and threat analysis capabilities. 
• Ensure AI tools used within engineering are adopted responsibly, securely, and with measurable impact. 
• Grow the culture of security and privacy within product teams through educational initiatives such as the Staying Ahead of Threats Guild. 

About you, you have:  

• 10+ years of experience in application, cloud, or product security, including senior leadership responsibility 
• Demonstrated expertise in securing SaaS and mobile products, using contemporary development frameworks, CI/CD practices, and secure coding standards. 
• Strong command of emerging trends in product security, including software supply chain risk, data privacy, secure SDLC, and third-party/vendor security posture management. 
• Strong stakeholder engagement and communication skills, with the ability to synthesize complex information and present clear options to technical and executive audiences. 
• Deep people leadership experience, including hiring, coaching, talent development, performance management, and fostering a culture that enables engineers to do their best work. 
• Exceptional planning, prioritization, and delivery skills, consistently executing against timelines and budgets in dynamic, fast-paced environments. 
• Willingness and ability to travel 2-3 times per year to College Board offices and other domestic or international locations, as needed. 

The Process: 

• Application review will begin immediately and will continue until the position is filled. This role is expected to accept applications for a minimum of 5 business days.  
• While the hiring process may vary, it generally includes: resume and application submission, recruiter phone/video screen, hiring manager interview, performance exercise such as live coding, a panel interview, a conversation with leadership and reference checks.    

What We Offer 

At College Board, we offer more than just a paycheck—we provide a meaningful career, a supportive team, and a comprehensive package designed to help you thrive. We're a self-sustaining nonprofit that believes in fair and competitive compensation, grounded in your qualifications, experience, impact, and the market. 

A Thoughtful Approach to Compensation 

• The hiring range for this role is $170,000 - $195,000 
• Your exact salary will depend on your location, experience, and how your background compares to others in similar roles at the College Board. 
• We aim to make our best offer upfront rooted in fairness, transparency, and market data. 
• We adjust salaries by location to ensure fairness, no matter where you live. 
• You'll have open, transparent conversations about compensation, benefits, and what it's like to work at College Board throughout your hiring process. Check out our careers page for more.

#LI-Remote
#LI-MC1