Brunswick Corporation
Join to apply for the
Product Security Director
role at
Brunswick Corporation Brunswick is a global marine leader committed to challenging conventions and innovating next-generation technologies that transform experiences on the water and beyond. Brunswick believes “Next Never Rests,” and we offer a variety of exciting careers and growth opportunities within united teams defining the future of marine recreation. Job Summary
The Information Security Team at Brunswick is seeking an experienced Director of Product Security to lead our comprehensive product security strategy across embedded systems, hardware and IoT platforms, and application development. Reporting to the Chief Information Security Officer, this senior leader will be a member of the Information Security Leadership Team and will be responsible for building and executing security frameworks that protect our products from design through deployment to enable Brunswick to securely, reliably, and safely deliver experiences on the water and beyond. Primary Duties and Responsibilities
Develop and implement enterprise-wide product security strategy encompassing embedded systems, hardware security, and application security Build, lead, and mentor a high-performing product security team Collaborate with engineering, product management, and executive teams to integrate security into product roadmaps Establish security governance frameworks and risk assessment methodologies Drive security culture adoption across all product development teams Embedded Systems Security
Design security architectures for IoT devices, microcontrollers, and embedded platforms Implement secure boot processes, firmware validation, and over-the-air update mechanisms Establish secure communication protocols for device-to-device and device-to-cloud interactions Conduct threat modeling and security assessments for embedded system designs Oversee implementation of hardware security modules (HSMs) and trusted execution environments Hardware Security
Lead hardware security design reviews and vulnerability assessments Implement supply chain security measures for hardware components and manufacturing Design tamper-resistant and tamper-evident hardware solutions Establish secure key management and cryptographic implementations in hardware Coordinate with hardware engineering teams on secure silicon design and validation Application Development Security
Implement secure software development lifecycle (SSDLC) practices Develop governance model for existing application security testing frameworks including SAST, DAST, IAST, and SCA Lead threat modeling exercises for application architectures Design secure APIs, authentication systems, and data protection mechanisms Oversee security code review processes and developer security training programs Risk Management & Compliance
Conduct comprehensive security risk assessments across all product lines Ensure compliance with industry standards (ISO 27001, IEC 62443, NIST frameworks) Manage vulnerability disclosure programs and coordinate security incident response Maintain relationships with external security researchers and coordinate bug bounty programs Prepare security documentation and reports for executive leadership and compliance audits Qualifications
Bachelor’s degree in Computer Science, Electrical Engineering, Cybersecurity, or related field 10+ years of experience in product security, with at least 5 years in leadership roles Deep expertise in embedded systems security, including firmware security, secure boot, and IoT security protocols Extensive knowledge of hardware security principles, including cryptographic implementations, secure elements, and anti-tampering techniques Strong background in application security, including secure coding practices, vulnerability assessment, and security testing methodologies Experience with security frameworks and standards (OWASP, NIST, ISO 27001, Common Criteria) Proven track record of building and scaling security teams Strong understanding of threat modeling, risk assessment, and security architecture design Proven track record of designing and implementing cloud security and DevSecOps practices Brunswick is an Equal Opportunity Employer and considers all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other characteristic protected by federal, state, or local law.
#J-18808-Ljbffr
Product Security Director
role at
Brunswick Corporation Brunswick is a global marine leader committed to challenging conventions and innovating next-generation technologies that transform experiences on the water and beyond. Brunswick believes “Next Never Rests,” and we offer a variety of exciting careers and growth opportunities within united teams defining the future of marine recreation. Job Summary
The Information Security Team at Brunswick is seeking an experienced Director of Product Security to lead our comprehensive product security strategy across embedded systems, hardware and IoT platforms, and application development. Reporting to the Chief Information Security Officer, this senior leader will be a member of the Information Security Leadership Team and will be responsible for building and executing security frameworks that protect our products from design through deployment to enable Brunswick to securely, reliably, and safely deliver experiences on the water and beyond. Primary Duties and Responsibilities
Develop and implement enterprise-wide product security strategy encompassing embedded systems, hardware security, and application security Build, lead, and mentor a high-performing product security team Collaborate with engineering, product management, and executive teams to integrate security into product roadmaps Establish security governance frameworks and risk assessment methodologies Drive security culture adoption across all product development teams Embedded Systems Security
Design security architectures for IoT devices, microcontrollers, and embedded platforms Implement secure boot processes, firmware validation, and over-the-air update mechanisms Establish secure communication protocols for device-to-device and device-to-cloud interactions Conduct threat modeling and security assessments for embedded system designs Oversee implementation of hardware security modules (HSMs) and trusted execution environments Hardware Security
Lead hardware security design reviews and vulnerability assessments Implement supply chain security measures for hardware components and manufacturing Design tamper-resistant and tamper-evident hardware solutions Establish secure key management and cryptographic implementations in hardware Coordinate with hardware engineering teams on secure silicon design and validation Application Development Security
Implement secure software development lifecycle (SSDLC) practices Develop governance model for existing application security testing frameworks including SAST, DAST, IAST, and SCA Lead threat modeling exercises for application architectures Design secure APIs, authentication systems, and data protection mechanisms Oversee security code review processes and developer security training programs Risk Management & Compliance
Conduct comprehensive security risk assessments across all product lines Ensure compliance with industry standards (ISO 27001, IEC 62443, NIST frameworks) Manage vulnerability disclosure programs and coordinate security incident response Maintain relationships with external security researchers and coordinate bug bounty programs Prepare security documentation and reports for executive leadership and compliance audits Qualifications
Bachelor’s degree in Computer Science, Electrical Engineering, Cybersecurity, or related field 10+ years of experience in product security, with at least 5 years in leadership roles Deep expertise in embedded systems security, including firmware security, secure boot, and IoT security protocols Extensive knowledge of hardware security principles, including cryptographic implementations, secure elements, and anti-tampering techniques Strong background in application security, including secure coding practices, vulnerability assessment, and security testing methodologies Experience with security frameworks and standards (OWASP, NIST, ISO 27001, Common Criteria) Proven track record of building and scaling security teams Strong understanding of threat modeling, risk assessment, and security architecture design Proven track record of designing and implementing cloud security and DevSecOps practices Brunswick is an Equal Opportunity Employer and considers all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status or any other characteristic protected by federal, state, or local law.
#J-18808-Ljbffr