Director of Product Security
Infrastructure | Alameda, CA | Full Time
At Saildrone, we sustainably explore, map, and monitor the oceans to understand, preserve, and protect our world. Saildrone provides real-time access to critical data from any ocean on earth, 24/7/365, and uses proprietary software applications to transform that data into actionable insights and intelligence. Saildrone’s fleet of uncrewed surface vehicles (USVs), powered by renewable wind and solar power, have a minimal carbon footprint and operate 24/7/365, without the need for a crewed support vehicle. We work with governments, civil agencies, foundations, universities, and private companies around the globe to drive better information about our oceans and seas—from sailing drones into the eye of a Category 4 hurricane to obtain new scientific storm data, mapping the ocean floor, collecting new CO2 data in hard-to-reach areas, counting biomass to establish fishing quotas, or detecting and stopping illegal fishing and drug trafficking. As a result of our work, we have been included on Fast Company’s annual list of the “World’s Most Innovative Companies for 2022” and earned the 2022 Ocean Awards’ Innovation Award, presented by the Blue Marine Foundation. Saildrone’s hurricane mission was included as one of the New York Times "Top 21 Things that happened (for the first time) in 2021", and Popular Science's "100 Greatest Innovations of 2021".
We are based in Alameda, CA, with offices in Washington DC, St. Petersburg, FL, and Fall River, MA, and operate our missions worldwide. We are backed by top-tier investors in the frontier-tech and sustainability sectors, including Social Capital, Capricorn, Lux Capital, BOND Capital, and Emerson Collective.
This is an exciting opportunity with a fast-growing team at the cutting-edge intersection of big data services and autonomous hardware. You will be an integral part of a high-performing multi-disciplinary delivering high impact for humanity and future generations.
As Saildrone’s Director of Product Security, reporting to the VP of Technical Infrastructure, you will set the product security vision and strategy, and own, develop, and maintain our security roadmap in alignment with business initiatives. You’ll be building a security program from the ground up. You’re not only looking to lead a security team, but as the inaugural leader of the security team you are excited about building one from scratch.
You have an interest in building solutions to challenging security problems with a focus on mentorship and scaling the team’s impact.
You will work under minimal direction, are able to influence leadership, advocate for security, mentor others, and cultivate a culture of security awareness.
What you'll do
- Design, implement, and promote security maturity and capability levels and targets for the organization's engineering efforts.
- Assess the security posture of the organization and help architect guardrails for DevOps, Software Engineering, and Hardware Engineering teams.
- Translate business, technology, and security objectives into security architectures and roadmaps that are flexible, streamlined, scalable, and cost-efficient.
- Develop and present security product roadmaps, reference architectures, and implementation plans from concept to production and operational support.
- Drive the adoption of our policy-as-code, security-as-code, zero trust, IaC best practices, and principles of least privilege.
- Communicate in a friendly, supportive manner with engineers or other stakeholders, helping to not only identify security issues, but also a mentor and advocate on solutions.
- Engage cross-functionally to drive other teams’ ownership and measurement of security posture.
- Collaborate and foster strong working relationships with all stakeholders.
- Leverage cybersecurity intelligence and research to enhance the security program.
- Define and measure success of the security program and team.
Required skills and experience
- Experience with assessment of cloud-based and containerized environments (AWS, Docker, Kubernetes)
- Strong Operational Experience in Linux/Unix environment
- Self-motivated, proactive, and solution-oriented individual
- Experience leading and managing projects
- You have either built teams in the past or managed a diverse subset of security roles and skills.
- You have strong prioritization skills, both in prioritizing security team efforts as well as helping other teams understand prioritization of performing security remediation and mitigation work.
- You're a great communicator, and can advocate for your proposals while also empathizing with other team’s goals and priorities
- You understand that security work must be prioritized because all teams have finite resources. You have good judgment and a sense of when to compromise and when to hold your ground
- You communicate security concepts effectively, both to management and individual contributors with a diverse set of backgrounds
- B.S. in Computer Science related, or equivalent experience
Desired skills and experience
- Knowledge of autonomous vehicle architecture, vehicle sensors, and communication protocols
- Experience in the embedded security space
- Experience assessing mixed hardware/software systems for security vulnerabilities
- Experience with the MITRE ATT&CK framework and the tactics, techniques, and procedures it represents.
- Software development experience with Python and C/C++
- Experience incorporating security into build and deployment pipelines
- Experience performing threat models and architecture reviews
- Experience supporting a security champions program, working with developers to provide security guidance, and mentoring them as necessary
Extra bonus points if you have experience leading a Red Team or have experience with autonomous vehicle penetration testing.
We are interested in speaking with candidates that have diverse backgrounds and perspectives.
If you don't meet all the criteria above but are excited about the position, we encourage you to apply. Nobody checks all the boxes; we are looking for someone with passion and drive who is excited for a challenge.
This position is in Alameda, CA. Only candidates with proper permits to work in the United States can be considered. Our waterfront office offers beautiful views of San Francisco Bay in always sunny Alameda. Even our walls have good karma, our offices mix software development with a hardware production line in the former airplane hangar used to film 'The Matrix'.
- Medical, dental and vision plans for you and your dependents.
- Short and relaxing ferry ride from the Ferry Building for SF residents
- Enhanced Parental Leave Programs
- Competitive benefits including excellent medical, life insurance, 401k plan
Catch up on the latest news about us:
An Unprecedented View Inside a Hurricane – EOS (May 6, 2022)
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
In accordance with Saildrone’s mandatory employee COVID-19 vaccination policy, please be advised that all employees are required to be vaccinated and boosted to safeguard the health of our employees and their families, our customers and visitors and the community at large.
Any unsolicited resumes/candidate profiles submitted through our website or to personal email accounts of employees of Saildrone are considered property of Saildrone and are not subject to payment of agency fees.