VP Security Guardian, Product Security

Who we are looking for
We are seeking a highly technical and hands‑on Security Guardian – Product Security, Vice President to serve as a strategic security guardian to engineering, platform, and business teams. This role sits in the first line of defense and is responsible for proactively reducing technical security risk through deep engagement with product teams, rigorous architecture and application reviews, and the design and validation of embedded security controls across cloud and distributed environments.
The ideal candidate is an experienced security architect and/or a product security engineer who thrives collaborating directly with engineers, thinks like an attacker, and can translate complex security principles into actionable engineering decisions. This person brings strong expertise across multiple advanced security domains and operates as both a technical advisor and a strategic influencer.

What you will be responsible for
•    Conduct firsthand security assessments at the application, platform, and system levels using threat modeling, architecture review, and vulnerability analysis to identify design flaws, cloud misconfigurations, insecure dependencies, and agent or API abuse scenarios.
•    Design and recommend concrete security controls that are embedded directly into system and application architectures, including secure identity and access design, cryptographic protections, network isolation, runtime enforcement, and secure defaults across cloud and distributed environments.
•    Own and actively drive down technical security risk by continuously engaging with engineering and platform teams, validating that security controls are correctly implemented, effective in production, and aligned with real-world threat models rather than static risk registers.
•    Partner closely with engineering teams as an embedded product security expert, influencing design decisions early, reviewing architecture and code paths, and helping teams build secure systems by default rather than retrofitting controls.
•    Provide technically grounded security guidance to senior leadership, translating complex security tradeoffs into clear engineering decisions and recommending concrete mitigation strategies based on architecture, cloud primitives, cryptographic design, and secure software delivery practices.
•    Demonstrate deep, hands-on expertise in at least three advanced security domains, such as product security, multi-cloud security, threat modeling, secure architecture and design, Agentic AI security, blockchain and cryptographic systems, and software supply-chain security.
•    Bring strong technical depth across network security, product and platform security, data protection and cryptography, and offensive security techniques, using attacker-mindset analysis to proactively identify and remediate weaknesses before exploitation.
•    Operate effectively within agile engineering environments, embedding security into iterative delivery through DevSecOps and Shift-Left principles, automated security testing, secure CI/CD pipelines, and rapid, evidence-based decision-making.
•    Demonstrate strong written and oral communication skills, effectively engaging with engineers, architects, and platform teams on deep technical security topics while clearly articulating security risks, design tradeoffs, and remediation strategies to business and executive stakeholders in a concise, actionable manner.

What we value
These skills will help you succeed in this role.
•    Strong analytical and critical thinking skills, excellent communication (written and verbal) and advisory skills, attention to detail, ability to work independently and in teams, adaptability, and ethical judgment.
•    Demonstrate strategic and tactical thinking, along with decision-making skills and business acumen.
•    Be organized, dependable and have a strong bias for action.

Education & Preferred Qualifications
•    At least 7+ years of progressive cybersecurity experience with focus in Product and Cloud security and 3+ years within financial services.
•    Bachelor’s degree in computer science or related technical field.
•    Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and GIAC are preferred.
•    AWS or Azure Cloud Security certification is highly valued.
•    Proven experience collaborating with engineering teams in an embedded security engagement model.
 

Salary Range:

$120,000 - $202,500 Annual

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

Employees are eligible to participate in State Street’s comprehensive benefits program, which includes: our retirement savings plan (401K) with company match; insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages; paid-time off including vacation, sick leave, short term disability, and family care responsibilities; access to our Employee Assistance Program; incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans); and, eligibility for certain tax advantaged savings plans.

For a full overview, visit https://hrportal.ehr.com/statestreet/Home.

About State Street

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

We are committed to fostering an environment where every employee feels valued and empowered to reach their full potential. As an essential partner in our shared success, you’ll benefit from inclusive development opportunities, flexible work-life support, paid volunteer days, and vibrant employee networks that keep you connected to what matters most. Join us in shaping the future.

As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.

Discover more information on jobs at StateStreet.com/careers

Read our CEO Statement

Job Application Disclosure:

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.