What You'll Do As the Manager of Product Security with a focus on Data Privacy, you will help ensure that our products are designed with strong security and privacy controls. You will lead a team of security professionals, collaborate with teams, and lead the implementation of privacy-by-design principles across all stages of the product lifecycle. Your responsibilities will include safeguarding customer data, ensuring compliance with privacy regulations, and mitigating security risks in product development. You will report to VP Security What Your Responsibilities Will Be Lead the product security team focused on embedding data privacy and security controls into product development processes. Develop a comprehensive product security strategy with a focus on data privacy. Partner with engineering, legal, compliance, and product teams to ensure privacy and security are integrated into all stages of the product lifecycle. Drive privacy-by-design principles and advocate for secure development practices across the organization. Data Privacy Governance: Ensure products comply with relevant data privacy regulations such as GDPR, CCPA, HIPAA, and other global standards. Develop product security policies and procedures that align with legal, regulatory, and industry requirements. Perform privacy impact assessments (PIAs) and security risk assessments (SRAs) on products and services. Risk Management: Identify privacy and security risks related to product development and deployment. Implement controls and measures to reduce data breaches, unauthorized access, and other security incidents. Lead incident response efforts related to privacy violations or data security breaches in collaboration with legal and IT teams. Collaboration & Communication: Collaborate with engineering teams to integrate security tools, practices, and automated testing into CI/CD pipelines. Work closely with the legal and compliance teams to interpret and respond to data privacy regulations and standards. Communicate privacy and security risks, issues, and solutions to senior leadership and other stakeholders. Training & Awareness: Develop and conduct training programs to educate product development teams on privacy and security best practices. Stay up-to-date with emerging data privacy trends, threats, and technologies and ensure the team is aligned with industry best practices. Monitoring & Reporting: Oversee continuous monitoring of product security and privacy controls to ensure ongoing compliance and risk mitigation. Provide regular updates to leadership on the status of product security initiatives, privacy compliance, and risk management activities. What You'll Need to be Successful Qualifications: Education & Experience: Bachelor's or Master's degree in Information Security, Computer Science, or related field. 10+ years of experience in product security, cybersecurity, or data privacy, with a focus on software product development. Proven experience managing teams in a security or privacy role. Skills & Knowledge: Deep understanding of data privacy laws and regulations (e.g., GDPR, CCPA, HIPAA). Strong knowledge of product security principles, including secure software development practices, encryption, and threat modeling. Familiarity with privacy-enhancing technologies, data anonymization, and data retention practices. Experience with security tools, automation, and CI/CD practices. Certifications (preferred): Certified Information Privacy Professional (CIPP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar certifications. #LI-Remote This is a remote role. How We'll Take Care of You Total Rewards In addition to a great compensation package, paid time off, and paid parental leave, many Avalara employees are eligible for bonuses. Health & Wellness Benefits vary by location but generally include private medical, life, and disability insurance. Inclusive culture and diversity Avalara strongly supports diversity, equity, and inclusion, and is committed to integrating them into our business practices and our organizational culture. We also have a total of 8 employee-run resource groups, each with senior leadership and exec sponsorship. Learn more about our benefits by region here: Avalara North America What You Need To Know About Avalara We’re Avalara. We’re defining the relationship between tax and tech. We’ve already built an industry-leading cloud compliance platform, processing nearly 40 billion customer API calls and over 5 million tax returns a year. Last year, we became a billion-dollar business, and our tribe expanded by a cool thousand people - there’s nearly 5,000 of us now. Our growth is real, and we’re not slowing down - not until we’ve achieved our mission - to be part of every transaction in the world. We’re bright, innovative and disruptive, like the orange we love to wear. It captures our quirky spirit and optimistic mindset. It shows off the culture we’ve designed, that empowers our people to win. Ownership and achievement go hand in hand here. We instill passion in our people through the trust we place in them. We’ve been different from day one. Join us, and your career will be too. We’re An Equal Opportunity Employer Supporting diversity and inclusion is a cornerstone of our company — we don’t want people to fit into our culture, but to enrich it. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law. If you require any reasonable adjustments during the recruitment process, please let us know.