• Product Security Director

    Brunswick (Mettawa, IL)


    _Are you ready for what’s next?_

     

    _Come explore opportunities within Brunswick, a global marine leader (https://youtube.com/watch?v=ksuQ6B2j\_mA) committed to challenging conventions and innovating next-generation technologies that transform experiences on the water and beyond. Brunswick believes “Next Never Rests™,” and we offer a variety of exciting careers and growth opportunities within united teams defining the future of marine recreation._

    Job Summary:

    The Information Security Team at Brunswick is seeking an experienced Director of Product Security to lead our comprehensive product security strategy across embedded systems, hardware and IoT platforms, and application development. Reporting to the Chief Information Security Officer, this senior leader will be a member of the Information Security Leadership Team and will be responsible for building and executing security frameworks that protect our products from design through deployment to enable Brunswick to securely, reliably, and safely deliver experiences on the water and beyond. Working alongside product leaders to execute a strategy that algins with business objectives, the Director of Product Security will seek to ensure effective security postures across our diverse technology stack. The ideal candidate will be a strategic thinker with hands-on technical expertise and a passion for securing complex product ecosystems.​​​​​​​​​​​​​​​​

    Primary Duties and Responsibilities:

    Strategic Leadership

    + Develop and implement enterprise-wide product security strategy encompassing embedded systems, hardware security, and application security

    + Build, lead, and mentor a high-performing product security team

    + Collaborate with engineering, product management, and executive teams to integrate security into product roadmaps

    + Establish security governance frameworks and risk assessment methodologies

    + Drive security culture adoption across all product development teams

    Embedded Systems Security

    + Design security architectures for IoT devices, microcontrollers, and embedded platforms

    + Implement secure boot processes, firmware validation, and over-the-air update mechanisms

    + Establish secure communication protocols for device-to-device and device-to-cloud interactions

    + Conduct threat modeling and security assessments for embedded system designs

    + Oversee implementation of hardware security modules (HSMs) and trusted execution environments

    Hardware Security

    + Lead hardware security design reviews and vulnerability assessments

    + In conjunction with Brunswick’s Global Supply Chain leaders, implement supply chain security measures for hardware components and manufacturing

    + Design tamper-resistant and tamper-evident hardware solutions

    + Establish secure key management and cryptographic implementations in hardware

    + Coordinate with hardware engineering teams on secure silicon design and validation

    Application Development Security

    + Implement secure software development lifecycle (SSDLC) practices

    + Develop governance model for existing application security testing frameworks including SAST, DAST, IAST, and SCA

    + Lead threat modeling exercises for application architectures

    + Design secure APIs, authentication systems, and data protection mechanisms

    + Oversee security code review processes and developer security training programs

    Risk Management & Compliance

    + Conduct comprehensive security risk assessments across all product lines

    + Ensure compliance with industry standards (ISO 27001, IEC 62443, NIST frameworks)

    + Manage vulnerability disclosure programs and coordinate security incident response

    + Maintain relationships with external security researchers and coordinate bug bounty programs

    + Prepare security documentation and reports for executive leadership and compliance audits

    Qualifications:

    Required Qualifications

    + Bachelor’s degree in Computer Science, Electrical Engineering, Cybersecurity, or related field;

    + 10+ years of experience in product security, with at least 5 years in leadership roles

    + Deep expertise in embedded systems security, including firmware security, secure boot, and IoT security protocols

    + Extensive knowledge of hardware security principles, including cryptographic implementations, secure elements, and anti-tampering techniques

    + Strong background in application security, including secure coding practices, vulnerability assessment, and security testing methodologies

    + Experience with security frameworks and standards (OWASP, NIST, ISO 27001, Common Criteria)

    + Proven track record of building and scaling security teams

    + Strong understanding of threat modeling, risk assessment, and security architecture design

    + Proven track record of designing and implementing cloud security and DevSecOps practices

    Preferred Qualifications:

    + Master’s degree in Computer Science, Electrical Engineering, Cybersecurity, or related

    + Industry certifications such as CISSP, SABSA, TOGAF, or similar

    + Experience with regulatory compliance in relevant industries (automotive, medical devices, industrial IoT)

    + Background in penetration testing and red team exercises

    Technical Qualifications and Skills:

    + Knowledge of machine learning security and AI/ML system protection

    + Previous experience in product companies with complex hardware/software integration

    + Programming languages: C/C++, Python, Java, Assembly

    + Security tools: Static analysis tools, dynamic testing frameworks, hardware security analyzers

    + Cryptography: Implementation and deployment of cryptographic protocols and key management systems

    + Hardware platforms: ARM, x86, RISC-V, microcontrollers, FPGAs

    + Communication protocols: TLS/SSL, IPSec, wireless security protocols (WiFi, Bluetooth, Zigbee)

    + Cloud platforms: AWS, Azure, GCP security services

    + Development tools: Version control systems, CI/CD pipelines, containerization

    Travel Requirements:

    This position is located in Mettawa, IL, with travel quarterly travel required to engineering locations around the globe.

     

    The anticipated pay range for this position is $148,300 - $250,300 annually. The actual base pay offered will vary depending on multiple factors including job- related knowledge/skills, relevant experience, business needs, and geographic location. In addition to base pay, this position is eligible for an annual discretionary bonus. This position is also eligible for an award target as part of Brunswick’s long-term incentive program

     

    At Brunswick, it is not typical for an individual to be hired at or near the top end of the salary range for their role. Compensation decisions are dependent upon the specifics of the candidate’s qualifications and the business context.

     

    This position is eligible to participate in Brunswick's comprehensive and high-quality benefits offerings, including medical, dental, vision, paid vacation, 401k (up to 4% match), Health Savings Account (with company contribution), well-being program, product purchase discounts and much more. Details about our benefits can be found here (https://www.brunswick.com/careers/culture-benefits/benefits) .

     

    _Next is Now!_

     

    _We value growth and development, recognizing that people come with a wealth of experience and talent beyond just the technical requirements of a job. If your experience is close to what you see listed here, please still consider applying._

     

    Brunswick is an Equal Opportunity Employer and considers all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other characteristic protected by federal, state, or local law. Diversity of experience and skills combined with passion is key to innovation and inspiration and we encourage individuals from all backgrounds to apply. If you require accommodation during the application or interview process, please contact [email protected] for support.

     

    For more information about EEO laws, - click here (https://www.eeoc.gov/employees-job-applicants)

     

    Brunswick and Workday (https://www.workday.com/en-us/service-privacy.html?&\_rda=/company/service\_privacy.php) Privacy Policies

     

    Brunswick does not accept applications, inquiries or solicitations from unapproved staffing agencies or vendors. For help, please contact our support team at: [email protected] or 866-278-6942.

     

    All job offers will come to you via the candidate portal you create when applying through a posted position through https:///www.brunswick.com/careers . If you are ever unsure about what is being required of you during the application process or its source, please contact HR Shared Services at 866-278-6942 or [email protected] .

     

    \#Brunswick Corporation