Security Product Lead – Product & AI Security

Confirmed live in the last 24 hours

SoFi

WA - Seattle; UT - Cottonwood Heights; CA - San Francisco; NY - New York City; TX - Frisco

Remote

Posted April 15, 2026

Job Description

Employee Applicant Privacy Notice

Who we are:

Shape a brighter financial future with us.

Together with our members, we’re changing the way people think about and interact with personal finance.

We’re a next-generation financial services company and national bank using innovative, mobile-first technology to help our millions of members reach their goals. The industry is going through an unprecedented transformation, and we’re at the forefront. We’re proud to come to work every day knowing that what we do has a direct impact on people’s lives, with our core values guiding us every step of the way. Join us to invest in yourself, your career, and the financial world.

Role Overview

The Security Product Lead – Product Security & AI Security is responsible for defining the strategic direction, roadmap, and measurable outcomes for securing the organization's product lifecycle and emerging AI/ML initiatives. This role sits within the Security Strategy & Delivery team and partners closely with the Product Security, Engineering, and Data Science/AI functional leaders and operational teams.

This position ensures that Product Security and AI Security capabilities are treated as internal security products—aligned to enterprise risk priorities, supported by a clear roadmap, measured through defined KPIs, and delivered through structured program governance.

The role requires strong cross-functional collaboration, strategic thinking, and the ability to influence without direct authority. By proactively embedding security controls into the product development lifecycle (SDLC) and addressing unique risks associated with AI/ML systems, this role directly supports the organization's overarching goal of protecting member trust, safeguarding corporate assets, and ensuring the continued stability and growth of the business.

Key Responsibilities

Strategy & Roadmap Stewardship

Develop and maintain a multi-year strategy and roadmap for Product Security and AI Security capabilities.
Align roadmap priorities with enterprise risk objectives, regulatory requirements (e.g., data privacy, AI governance), and evolving attack surface.
Identify capability gaps (e.g., secure coding practices, AI model integrity) and define strategic investment opportunities.
Translate strategic objectives into structured, sequenced initiatives.
Lead Security Due Diligence: Own the end-to-end security assessment process for M&A targets, including technical architecture reviews, vulnerability assessments, security program maturity evaluations, and risk quantification
Develop M&A Security Strategy: Define and continuously improve Meta’s M&A security playbook, methodologies, and standards to enable rapid, consistent, and thorough security evaluations
Drive Integration Planning: Partner with target companies and internal teams to design secure integration roadmaps that balance speed-to-value with security requirements
Manage M&A security assessments and integration roadmaps to design secure integration roadmaps, balancing speed and security

Product & Capability Management

Define the value proposition and service model for Product Security and AI Security capabilities, including security requirements for all new product features.
Establish clear capability maturity targets (e.g., DevSecOps integration level, AI risk mitigation completeness) and continuous improvement plans.
Maintain and prioritize a strategic backlog aligned to measurable risk reduction outcomes (e.g., reduction in critical vulnerabilities, secure-by-design adoption).
Ensure capabilities are treated as ongoing products with lifec