Senior manager - application and product security

Chamberlain Group (CG) is a global leader in intelligent access and Blackstone portfolio company. Powered by our myQ technology, we make access simple and secure for millions of homeowners, businesses, and communities worldwide. Our flagship brands, LiftMaster® and Chamberlain® , are found in 51+ million homes, and 14 million+ people rely on the myQ® app daily.

Job Summary

The Senior Manager of Identity and Access Management, Application, and Product Security will report directly to the CISO and is responsible for defining and leading the enterprise strategy that protects corporate systems, digital products, and connected devices from unauthorized access, data loss, and compromise. This role drives a unified approach across IAM, secure software development, and product security — ensuring that the company’s digital ecosystem, cloud applications, and IoT platforms are built and operated with security by design. This role partners closely with Engineering, IT, and Business teams to embed robust security controls, build developer-friendly security practices, and enforce identity governance aligned with business risk appetite and compliance requirements.

Essential Duties and Responsibilities

• Own the enterprise Identity and Access Management (IAM) roadmap covering workforce and customer identity, access governance, privileged access, and federation services

• Lead the implementation and lifecycle management of IAM platforms (e.g., Okta, Azure AD, CyberArk, Ping, SailPoint).

• Partner with HR, IT, and infrastructure teams to automate identity lifecycle and onboarding/offboarding workflows.

• Integrate IAM capabilities with cloud and DevOps environments for seamless CI/CD pipeline access control.

• Define standards, code review practices, and tooling for static, dynamic, and dependency analysis

• Collaborate with software and firmware teams to design secure architectures for web, mobile, and embedded (IoT) products

• Champion “security by design” in product and feature development, including privacy and data-protection by default

• Oversee application security assessments, bug bounty program integrations, and third-party security reviews.

• Partner with product managers, developers, and IT to integrate security objectives into business and technology roadmaps.

• Act as a senior security advisor in architecture reviews, technology selection, and M&A technical due diligence

• Represent Security in governance forums and external assessments (Audits, SOC 2, ISO 27001, or customer security reviews).

• Comply with health and safety guidelines and rules; managers should also ensure compliance across their teams.

• Protect Chamberlain Group’s reputation by keeping information confidential.

• Maintain professional and technical knowledge by attending educational workshops, reading professional publications, establishing personal networks, and participating in professional societies.

• Contribute to the team effort by accomplishing related results and participating on projects as needed.

Supervision Exercised

• Motivate and lead a high performance team by attracting, developing, engaging and retaining team members

• Drive the performance management and compensation processes by communicating job expectations, monitoring and evaluating performance, providing feedback and facilitating employee development per the company’s policies

• Maintain transparent communication by appropriately communicating organization information to team through department meetings, one-on-one meetings, appropriate email, IM and regular interpersonal communications

• Lead and motivate individuals and teams to create a workplace culture that is consistent with the CG mission, vision and values.

Minimum Qualifications

Education/Certifications:

• Bachelor’s degree in business, technology or related field from an accredited college is required. Master’s degree is a plus.

• CISSP, CCSP, CSSLP, CISA, or comparable credentials in IAM or AppSec.

Experience:

• 10 plus years of experience in IT or cyber security.

• Prior experience in deploying and managing IAM and PAM technologies.

• At least 5 years of experience managing a cyber security team in a large global organization

Knowledge, Skills, and Abilities:

• Deep understanding of identity standards and protocols (SAML, OIDC, OAuth 2.0, SCIM).

• Strong grasp of secure software engineering, OWASP Top 10, and modern DevSecOps toolchains.

• Familiarity with firmware and IoT security concepts (secure boot, signed firmware, OTA updates, hardware root of trust).

• Expertise in automating security in CI/CD and cloud (AWS, Azure, GCP).

• Strong stakeholder engagement and executive-level presentation skills.

• Build consensus across engineering and product functions.

• Capable of persuading non-security leaders (e.g., IT Ops, Engineering, Product) by linking security initiatives to operational continuity, consumer trust, and compliance posture.

Other:

• Required to be in the office at least three days a week. Monday and Wednesday are mandatory.

• Ability to manage and monitor major incidents during non-business hours

#LI-Hybrid

#LI-JM2

The pay range for this position is $123,600.00 - $216,150.00; base pay offered may vary depending on a number of factors including, but not limited to, the position offered, location, education, training, and/or experience. In addition to base pay, also offered is a comprehensive benefits package and 401k contribution (all benefits are subject to eligibility requirements). This position is eligible for participation in a short-term incentive plan subject to the terms of the applicable plans and policies.

Chamberlain Group wants all of its employees to succeed and encourages people of all backgrounds to apply. We’re proud to be an Equal Opportunity Employer, and you’ll be considered for this role regardless of race, color, religion, sex, national origin, age, sexual orientation, ancestry; marital, disabled or veteran status. We’re committed to fostering an environment where people of all lived experiences feel welcome.

Persons with disabilities who anticipate needing accommodations for any part of the application process may contact, in confidence [email protected].

NOTE: Staffing agencies, headhunters, recruiters, and/or placement agencies, please do not contact our hiring managers directly.