PLogitech is the Sweet Spot for people who want their actions to have a positive global impact while having the flexibility to do it in their own way. /ppbThe Team and Role: /b /ppThe Head of Product Security is responsible for establishing, maintaining, and overseeing the comprehensive security strategy for all Logitech products and associated customer-facing services - including Internet of Things (IoT) devices, mobile applications, desktop software, and their related cloud infrastructure and services - throughout their entire lifecycle, ensuring compliance, protecting customer data, and preserving brand trust. /ppThe Head of Product Security leads a dedicated team and a community of product security champions across the globe. /ppThe role is based in Lausanne, and reports to the CISO. /ppbYour Contribution: /b /ppBe Yourself. Be Open. Stay Hungry and Humble. Collaborate. Challenge. Decide and just Do. These are the behaviors you’ll need for success at Logitech. /ppIn this role you will have the following responsibilities: /ppbStrategic Leadership Governance /b /plipArchitect and execute a comprehensive product security strategy and roadmap aligned with business growth, reporting on risk posture and program performance to executive leadership. /p /lilipIntegrate Product Security resilience as a competitive differentiator, actively supporting brand trust, enabling new service-based revenue models, and mitigating PL exposure from legal and product liability risks. /p /lilipDevelop and implement product security policies, standards, and guidelines. /p /lilipDirect global regulatory compliance strategies for mandatory standards such as the EU CRA and UK PSTI, overseeing gap analysis and remediation across cross-functional teams. /p /lilipLead and mentor a high-performing security team while fostering a proactive, collaborative security culture across the global organization. /p /lipbSecure Product Lifecycle Engineering /b /plipChampion "Security by Design" by integrating secure development lifecycle practices into all IoT, mobile, desktop, and cloud infrastructure products and development teams. /p /lilipEstablish and enforce "Safe AI by Design" principles to ensure that AI models, training data, and deployed agents are protected against manipulation, adversarial attacks, prompt injection, and property theft. /p /lilipEnsure mandatory disclosure and reporting requirements, such as vulnerability disclosure processes and security update periods, are publicly and accurately communicated. /p /lilipEnforce robust supply chain and manufacturing security standards for Operations teams and third-party partners (JDM/ODM) and suppliers to protect firmware, source code, and production integrity. /p /lilipProvide expert security advice, guidance and support to engineering and product teams. /p /lilipEnsure product decommissioning to maintain security integrity throughout the entire product lifecycle. /p /lipbOperational Defense Assurance /b /plipOversee comprehensive penetration testing and vulnerability management programs, driving the remediation lifecycle in collaboration with asset owners. /p /lilipEstablish proactive AI-enabled threat hunting capabilities to identify and mitigate existing and emerging attack vectors targeting company products. /p /lilipDirect expert support and provide leadership for product-related security incidents, ensuring rapid response. /p /lipbKey internal collaborations: /b /ppThis role requires close collaboration with: /plipProduct Development Engineering Teams. /p /lilipOperational Technology and Manufacturing Teams. /p /lilipCloud Operations Teams. /p /lilipData Analytics Teams. /p /lilipLegal Compliance Teams. /p /lilipOther Cybersecurity Functions. /p /lipbKey Qualifications: /b /ppbExperience and Technical Mastery /b /plipMinimum 12 years of experience in Product, Application, and Embedded Systems Security, with a proven history of both hands-on and leadership roles across multiplatform environments (IoT, mobile, cloud). /p /lilipDeep mastery of Secure Software Development Lifecycle (SDLC) and DevSecOps principles, including scaling global programs, formal threat modeling, and security architecture review processes. /p /lilipAdvanced expertise in product security tooling: Proficient with Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), binary analysis, and fuzzing to identify and manage vulnerabilities. /p /lilipEmbedded and Hardware Security: Proven experience securing firmware, embedded systems, and Hardware Security Modules (HSMs), with a focus on secure provisioning and over-the-air (OTA) update mechanisms for IoT devices. /p /lilipAI/ML Security: Deep technical understanding of adversarial AI, including mitigating risks such as data poisoning, model inversion, and prompt injection attacks. /p /lilipCryptography and PQC: Expertise in cryptographic design, PKI, and key management frameworks, including implementing cryptographic agility and planning strategic migration to post-quantum cryptography (PQC) standards. /p /lipbStrategic Governance and Compliance /b /plipKnowledge of global product security regulations, including the EU Cyber Resilience Act (CRA), UK PSTI Act, and international vulnerability disclosure requirements. /p /lilipProven experience in third-party and supply chain security governance, specifically enforcing security standards for contract manufacturers (JDM/ODM) and component suppliers. /p /lipbLeadership and Business Acumen /b /plipExceptional communication skills with the ability to clearly articulate complex technical risks and strategic roadmaps to executive leadership and cross-functional teams. /p /lilipProven ability to conceptualize complex business and technical requirements into comprehensible security models, templates, and risk acceptance frameworks. /p /lilipDemonstrated experience in developing, guiding, and mentoring high-performing cybersecurity and engineering teams. /p /lilipStrong financial management skills for multi-year security programs, including budgeting, forecasting, and cost control. /p /lipAcross Logitech we empower collaboration and foster play. We help teams collaborate/learn from anywhere, without compromising on productivity or continuity so it should be no surprise that most of our jobs are open to work from home from most locations. Our hybrid work model allows some employees to work remotely while others work on-premises. Within this structure, you may have teams or departments split between working remotely and working in-house.br/br/Logitech is an amazing place to work because it is full of authentic people who are inclusive by nature as well as by design. Being a global company, we value our diversity and celebrate all our differences. Don’t meet every single requirement? Not a problem. If you feel you are the right candidate for the opportunity, we strongly recommend that you apply. We want to meet you! /ppbr/We offer comprehensive and competitive benefits packages and working environments that are designed to be flexible and help you to care for yourself and your loved ones, now and in the future. We believe that good health means more than getting medical care when you need it. Logitech supports a culture that encourages individuals to achieve good physical, financial, emotional, intellectual and social wellbeing so we all can create, achieve and enjoy more and support our families. We can’t wait to tell you more about them being that there are too many to list here and they vary based on location.br/br/All qualified applicants will receive consideration for employment without regard to race, sex, age, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.br/br/If you require an accommodation to complete any part of the application process, are limited in the ability, are unable to access or use this online application process and need an alternative method for applying, you may contact us toll free at for assistance and we will get back to you as soon as possible. /p