Sr. Director, Product Security

Company: Q2
Company: Q2
Location: Austin, TX
Commitment: Full time
Posted on: 2025-12-20 05:21
As passionate about our people as we are about our mission.Why Join Q2?Q2 is a leading provider of digital banking and lending solutions to banks, credit unions, alternative finance companies, and fintechs in the U.S. and internationally. Our mission is simple: build strong and diverse communities through innovative financial technology—and we do that by empowering our people to help create success for our customers.What Makes Q2 Special?Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our “Circle of Awesomeness” award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together.The Job At-A-Glance:We are seeking a Senior Director of Product Security to lead and scale our product security, PSIRT, and product integrity capabilities across a modern, cloud-native, and AI-enabled technology platform. This leader will work directly with Product and Engineering leadership to embed security while ensuring our products remain resilient against real-world adversaries, abuse, and emerging AI-driven threats.This role serves as the primary technical bridge between Security, Products and Engineering, owning secure and defense by design scanning and prioritization, vulnerability and product incident response.  The leader in this role will also partner with architecture to secure the use and development of AI and agentic AI solutions. The Senior Director Of Product Security will also act as a deputy to the CISO, providing technical depth during product incidents and serving as a potential succession our CISO.A Typical Day:Product Security Leadership & Engineering PartnershipDefine and translate security requirements into practical, scalable engineering or product roadmap guidance amongst our Digital Banking products and servicesChampion Embedded security-by-design into product architecture, secure coding practices, CI/CD pipelines, and cloud-native platformsPartner with engineering leadership to drive DevSecOps adoption and measurable security outcomesProduct Security Incident Response & PSIRTOwn and mature the Product Security Incident Response Team (PSIRT) functionLead vulnerability intake, triage, remediation, and coordinated disclosure processesWorking with infrastructure, evolve emergency patch/config release processDrive post-incident learning through root-cause analysis and systemic improvementsPartner with Legal, Communications, and Customer teams during high-impact security eventsProduct Integrity, Abuse & Threat ModelingEnsure products are resilient against business logic abuse, misuse, fraud, and adversarial behaviorLead threat modeling for new products, features, and AI-enabled capabilitiesCollaborate with Fraud, Risk, and Trust teams to address cross-functional threatsChampion secure architecture reviews at design and pre-launch phasesAI & Agentic AI Security GovernancePartner with architecture to oversee security standards and defense response program for AI and agentic AI systemsEnsure secure model development, deployment, and inference pipelinesAddress AI-specific risks including:Prompt injection and jailbreaksTraining data poisoning and leakageModel extraction and inversionAgent autonomy, identity, and privilege boundariesLead AI red-teaming and adversarial testing effortsAlign AI security practices with emerging regulatory and risk frameworksSecurity Operations & Engineering EnablementProvide oversight and technical leadership across:Application SecuritySOC and detection engineeringRed, blue, and purple team programsPenetration testing and continuous assuranceEnsure logging, monitoring, and telemetry are fully integrated into engineering workflowsDrive automation and scalability across security operationsBring Your Passion, Do What You Love. Here’s What We’re Looking For:Typically requires a Bachelor’s degree in Cyber Security or Computer Science and a minimum of 15 years of related experience; or an advanced degree with 12+ years of experience; or equivalent relevant work experience.Typically requires 7+ years managing and developing employees.Experience in scaling software engineering, cloud architecture, or infrastructure engineering teams in a high available environmentExperience in regulated industries (financial services, fintech, payments, or similar) strongly preferredFamiliarity with regulatory expectations and audits related to security and riskProven ability to lead senior technical teams and cross-functional initiativesStrong communication skills across engineers, executives, auditors, regulators, and customersExperience influencing outcomes in matrixed organizationsCertifications such as CISSP, CISM, or cloud security certifications are a plusThis position requires fluent written and oral communication in English. Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.Health & WellnessHybrid Work OpportunitiesFlexible Time Off Career Development & Mentoring Programs Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents Community Volunteering & Company Philanthropy Programs Employee Peer Recognition Programs – “You Earned it”Click here to find out more about the benefits we offer.Our Culture & Commitment:We’re proud to foster a supportive, inclusive environment where career growth, collaboration, and wellness are prioritized. And our benefits go beyond healthcare—offering resources for physical, mental, and professional well-being. Click here to find out more about the benefits we offer. Q2 employees are encouraged to give back through volunteer work and nonprofit support through our Spark Program (see more). We believe in making an impact—in the industry and in the community.We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, or veteran status.Applicants in California or Washington State may not be exempt from federal and state overtime requirements
View Original Job Posting