Championing DevOps & Operational Support practices Identify and drive automation opportunities to streamline security and operational processes.
Advocate for and implement Infrastructure as Code and automated security controls within CI/CD pipelines.
Implementation of follow-the-sun operational support model
Fostering Collaboration and Shared Ownership Break down silos between development, operations, and security team members.
Promote open communication and cross-functional teamwork.
Establish shared goals and accountability across teams.
Technical Leadership & Security Architecture Design, develop, and oversee comprehensive security architectures for AWS Cloud environments.
Familiarity and hands on experience integrating security solutions (e.g., GuardDuty, Security Hub, IAM, KMS, CSPM, SIEM, Wiz, Static code analysis tools like Mend) for holistic coverage.
Lead the implementation of Infrastructure as Code using tools like Terraform.
Continuous Learning and Improvement Foster a culture of experimentation, learning from failure, and continuous improvement.
Invest in team training, certifications, and knowledge sharing.
Stay updated with industry trends and emerging technologies.
Security and Compliance Integrate security best practices into the DevOps lifecycle (DevSecOps).
Lead security strategy for SOC2, NIST, ISO27001, and other regulatory certifications.
Architect and oversee GRC processes, including risk assessments, policy development, and remediation tracking.
Measurement and Data-Driven Decision Making Define and track key metrics to measure DevOps and security success.
Use data to drive continuous improvement and optimize workflows.
Incident Response & Vulnerability Management Develop and guide incident response plans, lead detection and investigation efforts, and coordinate timely resolution and root cause analysis.
Architect vulnerability management programs, including regular assessments, penetration testing, and remediation.
Security Awareness & Enablement Lead organization-wide security awareness initiatives and training.
Foster a culture of security through strategic communication and enablement.
Documentation & Reporting Define and maintain security architecture documentation, controls, incident records, and compliance activities.
Prepare executive-level reports for stakeholders and leadership.
The Person:
You love to learn and grow and be acknowledged for your valuable contributions. You're not intimidated by innovation. Wouldn't it be great if you could do your job and do a world of good? In fact, you embrace it. You also have:
Education
Undergraduate degree in computer science, engineering, or a related field (or 6 years equivalent work experience in digital technologies).
Advanced degrees or certifications in cybersecurity, cloud security, or digital technology are highly desirable.
Requirements
10+ years of relevant experience in leading digital product security, cloud security architecture, DevOps and operational support.
Demonstrated experience leading global teams in cloud-native software development and delivery environments (AWS, Azure, Google Cloud).
Mastery of automation tools and Infrastructure as Code (Terraform, Ansible, CloudFormation).
Hands-on experience with CI/CD pipelines and tools
Highly desired tp have proven track record in achieving and maintaining compliance with SOC2, NIST, ISO27001, and similar standards.
Strong background in incident response, vulnerability management, and GRC processes.
Experience collaborating with external partners, vendors, and cross-functional teams.
Core Competencies
Digital Product Mindset
Collaboration/1-Team
Cybers
Additional Information
Director - Digital Product Security and Operations
Come make the world and accelerate your success.
It takes great people to achieve greatness. People with a sense of purpose and integrity. People with a relentless pursuit of excellence. People who care about making things better For Those Who Make The World™. Sound like you? Join our top-notch team of approximately 43,500 diverse and high-performing professionals globally who are making their mark on some of the world's most beloved brands, including DEWALT®, BLACK+DECKER®, CRAFTSMAN®, STANLEY®, CUB CADET®, and HUSTLER®.
The Job:
The Director of Digital Product Security and Operations will lead a global team responsible for the security, compliance, and operational excellence of our Digital Solutions offerings for Construction Technology. This leadership role ensures the confidentiality, integrity, and availability of our systems and data, driving a culture of collaboration, automation, and continuous improvement. The successful candidate is passionate about delivering robust, secure, and scalable digital solutions and thrives in a collaborative, cross-functional environment. You will leverage your technical expertise and leadership to solve complex security, DevOps and operational support challenges and drive business outcomes.
You'll get to:
Stanley Black & Decker · Towson, MD