[Hiring] Director – Digital Product Security and Operations @Stanley Black & Decker, Inc.

Role Description

The Director of Digital Product Security and Operations will lead a global team responsible for the security, compliance, and operational excellence of our Digital Solutions offerings for Construction Technology. This leadership role ensures the confidentiality, integrity, and availability of our systems and data, driving a culture of collaboration, automation, and continuous improvement. The successful candidate is passionate about delivering robust, secure, and scalable digital solutions and thrives in a collaborative, cross-functional environment. You will leverage your technical expertise and leadership to solve complex security, DevOps and operational support challenges and drive business outcomes.

Key Responsibilities

• Championing DevOps & Operational Support practices
• Identify and drive automation opportunities to streamline security and operational processes.
• Advocate for and implement Infrastructure as Code and automated security controls within CI/CD pipelines.
• Implementation of follow-the-sun operational support model.
• Fostering Collaboration and Shared Ownership
• Break down silos between development, operations, and security team members.
• Promote open communication and cross-functional teamwork.
• Establish shared goals and accountability across teams.
• Technical Leadership & Security Architecture
• Design, develop, and oversee comprehensive security architectures for AWS Cloud environments.
• Familiarity and hands-on experience integrating security solutions (e.g., GuardDuty, Security Hub, IAM, KMS, CSPM, SIEM, Wiz, Static code analysis tools like Mend) for holistic coverage.
• Lead the implementation of Infrastructure as Code using tools like Terraform.
• Continuous Learning and Improvement
• Foster a culture of experimentation, learning from failure, and continuous improvement.
• Invest in team training, certifications, and knowledge sharing.
• Stay updated with industry trends and emerging technologies.
• Security and Compliance
• Integrate security best practices into the DevOps lifecycle (DevSecOps).
• Lead security strategy for SOC2, NIST, ISO27001, and other regulatory certifications.
• Architect and oversee GRC processes, including risk assessments, policy development, and remediation tracking.
• Measurement and Data-Driven Decision Making
• Define and track key metrics to measure DevOps and security success.
• Use data to drive continuous improvement and optimize workflows.
• Incident Response & Vulnerability Management
• Develop and guide incident response plans, lead detection and investigation efforts, and coordinate timely resolution and root cause analysis.
• Architect vulnerability management programs, including regular assessments, penetration testing, and remediation.
• Security Awareness & Enablement
• Lead organization-wide security awareness initiatives and training.
• Foster a culture of security through strategic communication and enablement.
• Documentation & Reporting
• Define and maintain security architecture documentation, controls, incident records, and compliance activities.
• Prepare executive-level reports for stakeholders and leadership.

Qualifications

• Undergraduate degree in computer science, engineering, or a related field (or 6 years equivalent work experience in digital technologies).
• Advanced degrees or certifications in cybersecurity, cloud security, or digital technology are highly desirable.
• 10+ years of relevant experience in leading digital product security, cloud security architecture, DevOps and operational support.
• Demonstrated experience leading global teams in cloud-native software development and delivery environments (AWS, Azure, Google Cloud).
• Mastery of automation tools and Infrastructure as Code (Terraform, Ansible, CloudFormation).
• Hands-on experience with CI/CD pipelines and tools.
• Proven track record in achieving and maintaining compliance with SOC2, NIST, ISO27001, and similar standards.
• Strong background in incident response, vulnerability management, and GRC processes.
• Experience collaborating with external partners, vendors, and cross-functional teams.

Core Competencies

• Digital Product Mindset
• Collaboration/1-Team
• Cybersecurity
• Modern Cloud Native software development

Leadership Competencies

• Driving Digital Innovation
• Continuous Improvement
• Operating From a Global Perspective
• Relationship Building

Benefits

• Medical, dental, life, vision, disability, 401(k), Employee Stock Purchase Plan, paid time off, and tuition reimbursement in addition to programs & benefits in support of your well-being.
• Discounts on Stanley Black & Decker tools and other partner programs.

Salary Range

The Salary range for this position is $134,300.00 - $231,700.00. This is the lowest to highest annual full-time salary range we would pay for this role at the time of this posting. The salary offered within the range may vary depending on multiple factors including job level, geographic location, job-related knowledge, skills, qualifications, experience and in compliance with local wage requirements.