Blue Cross Blue Shield of Massachusetts
What We Need
We are seeking a seasoned and strategic Lead Product Owner to join our Information Security organization. In this high-impact role, you will guide the vision, strategy, and roadmap for our security product portfolio. You will translate complex security and compliance requirements into actionable product backlogs, lead cross-functional agile teams, and drive the execution of operational security initiatives that deliver scalable, effective, and compliant solutions to protect the enterprise from an evolving threat landscape.
Your Day to Day
Develop, own, and champion a clear, aligned product vision, strategy, and roadmap for our security product portfolio that meets business objectives and regulatory requirements.
Lead the roadmap for compliance frameworks, ensuring timely and effective implementation of security controls to maintain compliance with industry standards (e.g., SOC 1, SOC 2, NIST, HIPAA, HITRUST).
Translate complex regulatory and policy requirements into clear and actionable initiatives, epics, and stories for the development team.
Define and prioritize the operational aspects of the security roadmap, focusing on strategic enhancements to threat detection, vulnerability management, identity and access management (IAM), and other critical security domains.
Act as the primary liaison between security engineers, architects, compliance, legal, and business stakeholders, conducting workshops and gathering requirements to ensure alignment.
Leverage cybersecurity domain knowledge and threat modeling to identify security requirements and mitigate potential weaknesses in products and services.
Define and track key performance indicators (KPIs) and metrics to measure the success and effectiveness of security functions and drive continuous improvement.
Partner with Legal, Compliance, and Risk to ensure the security roadmap aligns with strategic priorities and the evolving threat landscape.
This document is not an exhaustive list of all responsibilities, skills, duties, requirements, or working conditions associated with the job. Employees may be required to perform other job-related duties.
What You Bring
Experience: 8-10 years of experience as a Product Owner or in a relevant technical product management role, with a strong focus on information security, compliance, or cybersecurity operations.
Education: BA/BS in Computer Science, technology, or business, or equivalent work experience. MS/MBA is preferred.
Certifications: Product Owner certification (e.g., CSPO) is a plus. Relevant security certifications such as CISSP are also highly desirable.
Domain Expertise: Deep knowledge of cybersecurity principles, security frameworks (e.g., NIST), and security tools (e.g., SIEM, EDR, IAM).
Methodology: Demonstrated experience with Agile methodologies (Scrum, Kanban) and a track record of leading technical product teams.
Technical Knowledge: Experience with cloud security best practices and platforms (AWS, Azure, GCP), as well as familiarity with the Secure Software Development Life Cycle (SSDLC) and application security.
Skills: Strong analytical, problem-solving, and decision-making skills. Excellent communication, negotiation, and interpersonal skills with the ability to influence stakeholders at all levels.
What You’ll Gain Lead Product Owner focused on Information Security, Cybersecurity and AI Security is considered one of the most promising and career-oriented roles in an enterprise. Making a career in this field offers significant exciting opportunities. You will gain deep domain expertise in security products, enhanced strategic leadership skills, improved cross-functional communication and collaboration, and significant professional development by steering the vision and roadmap for security products and services.
Minimum Education Requirements High school degree or equivalent required unless otherwise noted above
Location Location: Boston. Time Type: Full time. Salary Range: $135,180.00 - $165,220.00
#J-18808-Ljbffr
Your Day to Day
Develop, own, and champion a clear, aligned product vision, strategy, and roadmap for our security product portfolio that meets business objectives and regulatory requirements.
Lead the roadmap for compliance frameworks, ensuring timely and effective implementation of security controls to maintain compliance with industry standards (e.g., SOC 1, SOC 2, NIST, HIPAA, HITRUST).
Translate complex regulatory and policy requirements into clear and actionable initiatives, epics, and stories for the development team.
Define and prioritize the operational aspects of the security roadmap, focusing on strategic enhancements to threat detection, vulnerability management, identity and access management (IAM), and other critical security domains.
Act as the primary liaison between security engineers, architects, compliance, legal, and business stakeholders, conducting workshops and gathering requirements to ensure alignment.
Leverage cybersecurity domain knowledge and threat modeling to identify security requirements and mitigate potential weaknesses in products and services.
Define and track key performance indicators (KPIs) and metrics to measure the success and effectiveness of security functions and drive continuous improvement.
Partner with Legal, Compliance, and Risk to ensure the security roadmap aligns with strategic priorities and the evolving threat landscape.
This document is not an exhaustive list of all responsibilities, skills, duties, requirements, or working conditions associated with the job. Employees may be required to perform other job-related duties.
What You Bring
Experience: 8-10 years of experience as a Product Owner or in a relevant technical product management role, with a strong focus on information security, compliance, or cybersecurity operations.
Education: BA/BS in Computer Science, technology, or business, or equivalent work experience. MS/MBA is preferred.
Certifications: Product Owner certification (e.g., CSPO) is a plus. Relevant security certifications such as CISSP are also highly desirable.
Domain Expertise: Deep knowledge of cybersecurity principles, security frameworks (e.g., NIST), and security tools (e.g., SIEM, EDR, IAM).
Methodology: Demonstrated experience with Agile methodologies (Scrum, Kanban) and a track record of leading technical product teams.
Technical Knowledge: Experience with cloud security best practices and platforms (AWS, Azure, GCP), as well as familiarity with the Secure Software Development Life Cycle (SSDLC) and application security.
Skills: Strong analytical, problem-solving, and decision-making skills. Excellent communication, negotiation, and interpersonal skills with the ability to influence stakeholders at all levels.
What You’ll Gain Lead Product Owner focused on Information Security, Cybersecurity and AI Security is considered one of the most promising and career-oriented roles in an enterprise. Making a career in this field offers significant exciting opportunities. You will gain deep domain expertise in security products, enhanced strategic leadership skills, improved cross-functional communication and collaboration, and significant professional development by steering the vision and roadmap for security products and services.
Minimum Education Requirements High school degree or equivalent required unless otherwise noted above
Location Location: Boston. Time Type: Full time. Salary Range: $135,180.00 - $165,220.00
#J-18808-Ljbffr