Director, Security Services
About the role
The Director of Security Services is a senior leadership role responsible for delivering and scaling security capabilities across a complex distribution and digital commerce environment. This role leads three core functions: Enterprise & Product Security Architecture (including cloud), Product Security (DevSecOps), and Security Assurance.
In a distribution business, this leader ensures the protection of supply chain systems, eCommerce platforms, product integrations, and partner ecosystems while enabling business growth, operational efficiency, and digital transformation.
Responsibilities
- Define and execute a security services strategy aligned to distribution operations, digital commerce growth, and enterprise risk priorities
- Partner with business leaders across supply chain, procurement, sales, eCommerce, and IT to integrate security into core operations
- Build and lead high-performing teams across architecture, product security, and assurance
- Establish actionable security metrics tied to business risk, uptime, and customer trust
- Define and enforce secure architecture standards across ERP systems, warehouse management systems (WMS), eCommerce platforms, APIs, and cloud infrastructure
- Lead the design of secure solutions for B2B integrations, supplier connectivity, and third-party platforms
- Oversee cloud security strategy across SaaS, IaaS, and PaaS environments (e.g., Azure, AWS), including identity, access, data protection, and network security
- Support modernization initiatives, including legacy system transformation and platform consolidation
- Build and scale a developer-centric product security program integrated into the SDLC for internal and customer-facing platforms
- Implement controls for secure API development, eCommerce applications, and third-party integrations
- Enable DevSecOps by integrating security into CI/CD pipelines supporting digital platforms and operational systems
- Partner with engineering teams to secure high-availability and transaction-heavy systems
- Establish a comprehensive security assurance program covering: Vulnerability management across enterprise, warehouse, and edge environments, Penetration testing of eCommerce platforms and external-facing services, Control validation for critical systems supporting order processing, logistics, and financial transactions, Ensure adherence to regulatory, contractual, and partner-driven security requirements, Lead risk-based assessments for third-party vendors, suppliers, and integration partners, Develop reporting that clearly communicates risk posture, remediation progress, and operational impact
- Define and implement security standards for vendor onboarding, supplier integrations, and third-party platforms
- Assess and manage risks across a broad ecosystem of manufacturers, logistics providers, and technology partners
- Embed security into digital supply chain processes and data exchanges
- Cross-Functional Collaboration
- Collaborate with IT, engineering, product, operations, and compliance teams to deliver integrated security outcomes
- Support incident response and resilience for distribution operations and customer-facing systems
- Promote a culture of security ownership across technical and operational teams
Requirements
- 10+ years of cybersecurity experience, with 5+ years in a leadership role
- Proven leadership across security architecture, application/product security, and assurance functions
- Strong expertise in securing cloud environments (AWS, Azure, or GCP) and hybrid infrastructures
- Experience securing eCommerce platforms, APIs, and high-volume transaction systems
- Familiarity with third-party risk and supply chain security challenges
- Deep understanding of frameworks such as NIST, ISO 27001, CIS, and OWASP
- Ability to align security strategy with operational uptime, customer experience, and revenue protection
Qualifications
- Experience in low-voltage distribution, industrial distribution, wholesale, or adjacent industries
- Background supporting ERP (e.g., SAP), WMS, CRM, and digital commerce platforms
- Experience with B2B integrations, EDI, and partner-facing APIs
- Familiarity with Zero Trust models and identity-first security approaches
- Experience securing OT/IoT or warehouse technologies (e.g., scanners, automation systems)
- Hands-on technical background in engineering, cloud, or infrastructure
- Relevant certifications (e.g., CISSP, CISM, CCSP, cloud security certifications)
Benefits
Resideo provides comprehensive benefits, including life and health insurance, life assistance program, accidental death and dismemberment insurance, disability insurance, 401k Plan, vacation & holidays.