Product Cyber Security Manager

We're partnering with a major European technology organisation undergoing a significant security transformation to appoint a Product Cyber Security Manager-a pivotal role with enterprise-wide impact.

This is a rare opportunity to shape and lead a pan-European secure development capability, embedding "shift-left" principles across a complex portfolio of products and services used by millions. You'll operate at the intersection of engineering, security, and business leadership-driving cultural change, reducing cyber risk, and influencing how software is built at scale.

Cyber risk is now a board-level priority. This role exists to build a best-in-class Secure Development Practice that protects the organisation's products, customers, and reputation.

You'll define the strategy, build capability, and lead both a high-performing core team and a virtual network of 20-50 specialists across Europe-bringing together existing expertise into a unified, high-impact function.

Longer term, you'll take ownership of product security across all European markets, shaping policy, tooling, and governance that directly influence delivery, quality, and resilience.

• Build and lead a specialist secure development team, setting the vision and operating model
• Establish a Centre of Excellence for secure engineering, driving consistency and best practice
• Develop and embed SDLC frameworks, policies, and guardrails aligned to leading standards (NIST SSDF, OWASP, ISO)
• Create and scale a pan-European virtual capability, influencing without direct authority
• Partner with senior stakeholders across engineering, product, legal, and commercial teams to embed security into lifecycle governance
• Define and implement a modern DevSecOps tooling strategy (CI/CD, SAST/DAST, SCM, automation)
• Drive secure coding, threat modelling, and supply chain security practices (SBOM, provenance, signing)
• Develop KPIs, metrics, and maturity models to track and continuously improve SDLC performance
• Build compelling business cases for investment, linking security improvements to risk reduction and commercial outcomes
• Act as a trusted advisor to senior leadership, challenging the status quo and influencing at board level

This is a senior, strategic hire-ideal for someone who has already operated at a senior level within a large, complex environment.

You'll bring:

• Proven experience leading secure development or DevSecOps transformation at scale
• Deep knowledge of SDLC security frameworks (e.g. NIST SSDF, OWASP SAMM/ASVS, ISO 27034)
• Strong understanding of modern engineering practices (Agile, CI/CD, cloud, automation)
• Expertise in application security, threat modelling, and secure coding standards
• Experience implementing tooling ecosystems (e.g. SAST, DAST, SCA, pipeline automation)
• A track record of influencing senior stakeholders and driving cultural change
• Ability to build and lead both direct and virtual teams across geographies
• Commercial awareness-understanding how security decisions impact time-to-market and business outcomes

• Enterprise-wide impact: Shape how software is built across a major European organisation
• Strategic influence: Engage directly with executive leadership and board-level stakeholders
• Build from the ground up: Create and define a capability that doesn't yet fully exist
• Scale and complexity: Work across diverse products, markets, and engineering teams
• Career-defining opportunity: A chance to lead one of the most critical areas in modern technology delivery