
Director, Supply Chain Security
Posted Jun 20

This is a fully remote position, open to applicants in Texas.
• As a key member of the Product Security and Privacy team, you will lead and manage the company-wide Product Supply Chain Security initiative.
• You will guide a team that will create and put into action the required standards, policies, and technical capabilities to maintain the integrity, security, and trustworthiness of software from its development phase through to build, distribution, and deployment across a varied range of products and environments.
• Responsible for ensuring the consistency, scalability, and defensibility of supply chain security practices, you will make sure that controls are not only established but also effectively implemented and enforced in collaboration with IT and Information Security teams.
• You will operate at a strategic level, developing and leading a team dedicated to securing source code, build systems, third-party components, and deployment environments while empowering product teams to embrace secure-by-design practices through standardized architectures and processes.
• Proven experience in designing, building, or leading software supply chain security, DevSecOps security, or similar programs within the realms of product security or application security.
• Solid understanding of software development lifecycles, CI/CD pipelines, and build systems.
• Demonstrated experience in defining and implementing security controls for source code management, build environments, and handling software artifacts.
• Familiarity with software supply chain security frameworks and concepts, such as SLSA, SBOM, and software provenance.
• Background in code signing, cryptographic principles, and secure key management practices.
• Experience collaborating with IT and Information Security teams to establish and enforce security controls.
• Knowledge of regulatory requirements related to product and supply chain security, including the EU Cyber Resilience Act (CRA).
• Strong capability to define scalable policies, standards, and governance models across large organizations.
• Exceptional communication skills with the ability to convey complex technical risks in terms of business impact.
• Experience operating in extensive multi-product environments with distributed engineering and DevOps teams.
• Preferred experience in implementing or managing SBOM programs and third-party/open source risk management processes.
• Preferred experience in securing cloud-native and containerized development environments.
• Preferred experience in manufacturing, embedded systems, or factory deployment environments.
• Preferred experience with Agile/SAFe methodologies.
• Preferred experience in building and leading high-performing security teams.
• Competitive salary and rewards package.
• Attractive benefits and annual leave offerings to support work-life balance.
• A vibrant, welcoming, and inclusive culture.
• Extensive career development opportunities and resources to help you maximize your potential.