Head of Product Security

Head of Product Security

Permanent – Hybrid Manchester

Join a leading global organisation’s digital and technology division, taking ownership of Product Security across a broad portfolio of modern customer-facing and enterprise digital solutions. As Head of Product Security, you will shape the security direction of cloud platforms, mobile applications, and digital services that support millions of users worldwide.

This is an opportunity to lead a high-performing team, drive a Secure-by-Design culture, and embed modern DevSecOps practices across a technology estate undergoing significant transformation. The role combines strategic vision, technical depth, and strong stakeholder leadership within a mature, well-funded security function.

Key Responsibilities

• Own, evolve, and embed the organisation’s Product Security Framework across all digital product lifecycles.• Lead the Secure-by-Design agenda, guiding teams through the transition to modern DevSecOps ways of working.• Oversee application and cloud security posture, ensuring alignment with GDPR, ISO 27001, NIST, and related standards.• Act as a security thought-leader, monitoring emerging threats and industry best practice.• Build, manage, and mentor a skilled team of Product & Application Security specialists.• Provide governance, reporting, and risk-management insights across senior technology and business stakeholders.• Support internal and external audit requirements, delivering evidence, improvements, and control assurance.

Skills & Experience Required

• Degree-level education or equivalent experience in Cybersecurity, IT, or a related discipline.• Professional certifications such as CISSP, CISM, CISA.• A minimum of 8+ years’ experience in cybersecurity at Enterprise level

• A minimum of 2+ years in a demonstrable leadership capacity.• Strong technical grounding in application security, cloud security, and DevSecOps.• Hands-on experience with SCA, SAST, DAST, CSPM, CNAPP

• Excellent practical familiarity with industry frameworks such as OWASP and NIST.• Proven ability to drive organisational change and influence senior stakeholders.• Excellent communication and documentation skills.

KEY NFO:

** Visa sponsorship is not available at this time

** Hybrid working will require the successful candidate to reside within a reasonable commutable distance.

Rewards & Benefits

In addition to a strong salary linked to experience:

• 25 days annual leave (increasing with service), with the option to buy or sell• Enhanced pension and life-assurance schemes• Private medical insurance• Access to wellbeing, mental-health, and lifestyle support programmes• Employee discounts across a range of health and related services

Keyword Terminology

Application Security, Product Security, AppSec, Cloud Security, DevSecOps, Secure-by-Design, SDLC Security, OWASP, NIST, SAST, DAST, SCA, CSPM, CNAPP, CISSP, CISM, CISA, Security Frameworks, GDPR, ISO 27001, Risk Management, Security Governance