Director of Cloud Platform Security

Burlington, MA, US, 01803


Main Duties

  • Own and constantly improve the overall security posture for Sophos Central
  • Own the security roadmap for Sophos Central
  • Lead security design and threat modelling activities
  • Organize and lead vulnerability triage and response
  • Lead security incident response activities within Sophos Central
  • Communicate and advocate for security priorities to product group executives
  • Effectively work cross-functionally with our SOC and CTO office to improve the overall security of the Sophos estate
  • Build strong relationships with peers and executives across the Products organization
  • Work with external vendors on various security/pentest programs
  • Recruit, hire and retain top technical talent


Skills & Experience

  • Track record of delivering high-quality products and services in a fast-paced, high-growth cloud environment
  • Experience hiring and leading high-performing teams
  • Track record of collaborative, cross-functional problem solving
  • Familiarity with common products and tools used to secure and manage cloud workloads
  • Strong information security risk-based prioritization skills
  • Hands-on knowledge of information security technologies and practices such as security design review, threat modeling, risk analysis, and software testing techniques
  • Proven ability to handle high stress, time sensitive security tasks
  • Deep understanding of SaaS/PaaS cloud architecture
  • Passion for building and automating quality and security into the software development lifecycle
  • Excellent verbal and written communication skills
  • Passion to learn world of internet security and the Sophos product set
  • Bachelor’s Degree in Computer Science or equivalent


Equal Opportunities

Sophos is committed to equality opportunity in all areas of its work. All qualified applicants will be treated in a fair and equal manner and in accordance with the law regardless of gender, marital status, race, religion, colour, age, disability or sexual orientation. If you choose to explore this opportunity, and subsequently share your CV or other personal details with Sophos, these details will be held by Sophos for 12 months in accordance with our data protection policy which can be found here and used by our recruitment team to contact you regarding this or other relevant opportunities here at Sophos. If you would like Sophos to delete or update your details at any time, please reply to this or other emails from Sophos clearly stating your request, or follow the steps set out in the data protection policydescribing your individuals rights. If you have any questions about Sophos' data protection practices, please contact dataprotection@sophos.com.


At Sophos, we want every organization to be protected by innovative, next-generation IT security, even those who don't have a huge IT staff. We protect organizations of all sizes, all around the world by making enterprise-grade security that is simple to deploy, manage, and use. It is our passion, and something we are truly proud of.