Job Description

As Head of Product Security, you will own the global strategy and execution of security for all products, platforms, and AI-native services. This role spans product security, customer security, regulatory compliance, and emerging AI safety expectations. You will build and lead a world-class organization that embeds secure-by-design and responsible-by-design principles across the entire software and AI lifecycle.

You will be accountable for ensuring that our products, including AI-first capabilities meet the highest standards of security, resiliency, customer trust, and government-aligned requirements (including NSA, NIST, and global regulatory frameworks).

Product Security Leadership

• Define and execute the unified product security strategy across software, hardware, cloud, and AI‑native components.
• Own secure SDLC policies, tooling, and governance.
• Lead threat modeling, architecture reviews, penetration testing, secure coding programs, and vulnerability management.
• Manage PSIRT and coordinate incident response, disclosure, and communication.
• Lead security strategy for all AI‑native products, models, pipelines, and inference services.
• Define and enforce security standards for model training, evaluation, deployment, and lifecycle management.
• Establish AI security architectures, including isolation of model environments, secure data pipelines, runtime monitoring, and adversarial resilience.
• Build AI threat models covering model inversion, poisoning, jailbreaks, prompt injection, data leakage, insider misuse, and systemic AI risks.
• Implement red‑teaming and continuous adversarial testing for LLMs, generative AI systems, and autonomous features.
• Create secure‑by‑default frameworks for teams adopting AI, including guardrails, safe‑prompting patterns, and model hardening strategies.
• Partner with the Tech & AI Office to operationalize Responsible AI principles in real engineering workflows.
• Ensure SBOM‑equivalent transparency for AI (training data lineage, model versioning, evaluation results, compliance documentation).
• Oversee monitoring & detection for AI‑specific attacks (hallucination risk, output manipulation, unauthorized fine‑tuning, shadow models).
• Guide product teams on AI‑specific regulatory expectations (EU AI Act, NIST AI RMF, global AI assurance standards).

Customer Security & Trust

• Serve as executive point for customer security escalations, audits, and trust communications.
• Drive enterprise‑grade customer assurance programs for both classical and AI‑powered products.
• Partner with Sales, Customer Success, and Support to ensure security transparency and readiness.

Regulatory, NSA & Global Compliance Oversight

Ensure compliance with NSA‑aligned and NIST frameworks, including but not limited to:

• NIST SP 800‑53
• CNSS
• FedRAMP/DoD requirements
• NIAP/Common Criteria
• Lead emerging AI regulatory compliance (EU AI Act, AI model certification paths, high‑risk controls).
• Oversee audit execution, remediation, and continuous compliance automation.

Cross‑Functional Executive Leadership

• Closely partner with Engineering, Product, IT, CTO, Legal/Privacy, and Gov/Compliance.
• Provide executive‑level briefings on security, AI risk posture, and strategic investments.
• Represent the company with customers, government bodies, and industry groups.

Organizational Leadership

• Build and lead a high‑caliber global product + AI security organization.
• Define strategy, goals, KPIs, metrics, and long‑term roadmap.
• Cultivate a culture of innovation, excellence, accountability, and continuous improvement.

Required

• 12+ years in cybersecurity, product security, or security engineering, with deep leadership experience.
• Hands‑on leadership in securing AI/ML systems, pipelines, or products.
• Expertise across secure development, cloud security, and modern DevSecOps.
• Strong knowledge of NSA/NIST frameworks and government‑grade compliance.
• Experience in telecom, networking, cloud infrastructure, or high‑availability distributed systems.
• Executive‑level communication and stakeholder management.

Nice to Have

• Experience with LLM security, generative AI risk management, and AI governance frameworks.
• Advanced degree in CS, Security, AI/ML, or Engineering.

Advancing connectivity to secure a brighter world.

Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we’re advancing connectivity to secure a brighter world.

Learn more about life at Nokia

Our recruitment process

We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.

If you’re interested in this role but don’t meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.

The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia