Principal Product Security Responder

Job Summary

Leading the Product Security Incident Response Team, the full-time remote Principal Product Security Incident Responder will manage product vulnerabilities, coordinate incident responses, and oversee the CVE Numbering Authority program while ensuring compliance with regulatory obligations.

Key Responsibilities:

• Operate the PSIRT, maintaining policies and tools for triaging and resolving product vulnerabilities across business units
• Lead responses to product-related cybersecurity incidents, coordinating with engineering, legal, and customer teams
• Align PSIRT operations with the CISO's CERT function and report on performance metrics for executive leadership

Required Qualifications:

• 8+ years of cybersecurity experience with expertise in PSIRT operations or product incident response in an industrial context
• Proven experience leading a PSIRT function and managing coordinated disclosures
• Experience engaging with law enforcement and government agencies on cybersecurity incidents
• Deep familiarity with CVE, CVSS, CWE, and relevant standards like ISO/IEC 29147/30111
• Bachelor's degree in a technical discipline