Senior Director Product Management, Security, Compliance and Risk

GEICO is in the midst of an exciting transformation as a product and tech powered company. We are seeking a Senior Director of Product Management, Security, Compliance and Risk. The role will reimagine the implementation of security, compliance and risk throughout GEICO. This role is responsible for ensuring that enterprise products and platforms are securely and compliantly designed by leading prioritization, alignment, and accountability in executing requirements defined by Legal, Privacy, Cybersecurity, Risk, and Audit departments. In this role, you'll bridge product, data, and technology teams, acting as the customer's voice and managing security & compliance requirements across Legal, Privacy, Cybersecurity, Risk, Audit, and product groups. Reporting directly to the Senior Director of Product Management, Foundations and Platform - this leader ensures regulatory, compliance and risk expectations are converted into scalable, actionable, and reusable technical capabilities, requirements are prioritized, sequenced and embedded into product roadmaps and platform architectures, so delivery teams can implement effectively at scale. Location: Seattle, WA (Preferred location) or Palo Alto, CA. Key responsibilities - Define long-term product security, compliance & risk enablement strategy aligned with enterprise technology and business objectives; develop and communicate product risk vision and communicate to internal stakeholders - Serve as the single technology intake point for compliance, security and risk requirements impacting products and technology platforms - Create and maintain product security, compliance & risk enablement roadmap with clear prioritization criteria, balancing regulatory and security requirements against business impact, delivery capacity and technical feasibility - Translate requirements into implementation ready technical expectations, including documentation and user stores, based on requirements defined by Legal, Privacy, Cyber and Risk - Normalize and consolidate requirements across Legal, Privacy, Cyber, Risk and audit to prevent duplication, misalignment or conflicting implementation expectations - Ensure security, compliance & risk driven work is planned intentionally and embedded into roadmaps, rather than introduced as late stage delivery interruptions - Apply risk-based prioritization to balance regulatory urgency, product strategy, and delivery capacity across portfolios - Guide teams on architectural considerations and solution approaches for addressing requirements; partner closely with technology teams to understand any constraints and inform build vs. buy decisions for solutions without owning implementation - Promote use of approved design patterns, shared services, and platform capabilities to enable consistent and scalable secure by design outcomes. - Partner with technology teams to ensure security & compliance requirements are prioritized and embedded into CI/CD standards and expectations enabling secure and compliant by design delivery at scale - Drive clarity on ownership, sequencing and cross team dependencies to support effective execution - Escalate prioritization conflicts and delivery risks with clear options, tradeoffs and recommendations for executive decision making - Track progress of compliance driven initiatives across products and platforms and surface systemic gaps or risks - Provide CIO with clear visibility into what is required, what is prioritized, what is at risk and why, enabling informed decision making. Required Qualifications - Bachelor's degree in Computer Science, Information Systems, Engineering or a related field technical required - Formal training in product management, enterprise architecture or technology governance a plus. - 12-15 years in senior technology leadership, product governance, platform enablement, or large-scale delivery oversight - Demonstrated experience translating security, privacy, legal and regulatory requirements into prioritized technology work. - The following skillsets are required: FedRamp, FISMA, GDPR and Cybersecurity and Compliance, Vulnerability Management, Red Team, AI Security, Pen Testing, SOC/SOX, Identity Management - Proven experience in driving prioritization and roadmap alignment across multiple product and engineering teams - Experience building AI tools and/or agents, including embedding AI experiences into existing products - Strong understanding of secure by design and compliant by design principles within CI/CD pipelines, modern SDLCs and platform environments - Ability to influence without authority in complex, matrixed organization - Executive level communications and stakeholder management skills - Leverages technology to deliver innovative and resilient solutions that enable both near term and long-term value - Identifies and resolves complex problems to deliver outcomes while mitigating product risks - Collaborates with cross functional teams to solve customer problems and drive organizational alignment. What success looks like - Compliance and risk work is planned, not reactive - Product teams consistently prioritize compliant by design outcomes - Fewer late-state escalations and reactive fixes - Clear CIO level visibility into demand, prioritization and delivery risk - Customers spend less time chasing execution Annual Salary $195,000.00 - $315,000.00 The above annual salary range is a general guideline. Multiple factors are taken into consideration to arrive at the final hourly rate/ annual salary to be offered to the selected candidate. Factors include, but are not limited to, the scope and responsibilities of the role, the selected candidate's work experience, education and training, the work location as well as market and business considerations. At this time, GEICO will not sponsor a new applicant for employment authorization for this position. Apply To This Job