Director, Product Security
Listed on 2026-07-07
-
IT/Tech
Cybersecurity, Systems Engineer
About Us
Rivian and Volkswagen Group Technologies is a joint venture between two industry leaders with a clear vision for automotive’s next chapter. From operating systems to zonal controllers to cloud and connectivity solutions, we’re addressing the challenges of electric vehicles through technology that will set the standards for software‑defined vehicles around the world.
The road to the future is uncharted. By combining our expertise across connectivity, AI, security and more, we’ll map a new way forward. Working together, we’ll create a future that’s more connected, more intelligent, more sustainable for everyone.
Role SummaryAs the Director of Product Security, you will be the driving force behind securing the most consequential software‑defined vehicle platform in the automotive industry. Reporting to the Sr. Director, Systems Engineering, Safety and Software Quality, you will lead the end‑to‑end product security strategy for Rivian and Volkswagen Group Technologies’ joint platform, a technology stack that will underpin millions of future electric vehicles across Rivian, Volkswagen, Audi, Scout, and beyond.
This is not a compliance role. This is a builder’s role. You will embed security into the DNA of our zonal architecture, over‑the‑air update pipeline, cloud infrastructure, and autonomous driving stack. Working shoulder‑to‑shoulder with elite software and hardware engineers who share your obsession with getting it right. You’ll own the discipline, lead the team, and set the standard for what product security looks like at the intersection of Silicon Valley and the global automotive industry.
This role is located in our Palo Alto, CA office and reports directly into the Sr. Director, Systems Engineering, Safety and Software Quality.
Product Security Strategy & Architecture: Lead a team that will define and own the multi‑year product security roadmap for Rivian and RV Tech’s joint SDV platform. Translate business objectives, threat landscapes, and regulatory requirements into a coherent, executable security strategy spanning vehicle firmware, cloud backend, mobile applications, and the OTA update pipeline.
Secure‑by‑Design Engineering: Embed security across the full software development lifecycle. Partner with software, hardware, and platform engineering teams to conduct threat modeling and TARA, development of security requirements for implementation, systematic test definition and execution on SIL, HIL and test vehicle levels. You will also establish secure coding guidelines to be used across all core engineering teams and build automated security tooling (SAST, DAST, fuzzing) into CI/CD pipelines.
Champion a “security by design” culture across a global engineering org of 1,500+.Automotive & Connected Vehicle Security: Lead adhering to compliance and security engineering efforts for automotive cybersecurity standards including ISO/SAE 21434 and UN Regulation No 155. Secure zonal and E/E architecture, ECU communication buses (CAN, Automotive Ethernet), telematics, V2X, and ADAS/autonomy stacks. Own security of OTA update signing and delivery infrastructure.
Vulnerability Management & Red Team Programs: Build and operate a world‑class vulnerability management program covering vehicle software, cloud services, and mobile apps. Establish and manage a bug bounty program and coordinate penetration testing across all product surfaces. Oversee triage, prioritization, and remediation tracking in partnership with engineering teams.
Supply Chain & Third‑Party Security: Define and enforce security requirements across Tier‑1 and Tier‑2 automotive suppliers and software vendors. Build SBOM practices, oversee third‑party security assessments, and ensure supply chain integrity across the full software stack shared between Rivian and Volkswagen Group brands.
AI & Autonomy Security: Secure RV Tech’s AI and autonomy platform, including the Rivian Unified Intelligence stack and in‑vehicle AI systems. Develop threat models for ML pipelines, model integrity, adversarial input attacks, and in‑vehicle inference security. Stay at the forefront of AI security as a rapidly evolving attack surface…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).