Cyber Defense Incident Responder

Job Description

At EY, we’re all in to shape your future with confidence.

We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.

Join EY and help to build a better working world.

The opportunity

The Director of Product Security Response provides strategic oversight of product security incident response across all customer-facing products and services. This leader shapes the company’s product-security posture by governing vulnerability disclosure programs, directing the response to critical product vulnerability, and ensuring secure engineering outcomes. The role ensures that product incident response decisions reflect both customer impact and long-term product resilience.

Key Responsibilities

• Strategic Product Security Leadership
  • Define the strategic direction of product/application incident response and establish global standards for handling product-related cyber events.
  • Provide senior-level guidance to engineering, product, and business leadership during high-severity security issues.
  • Shape long-term improvements to product architectures, development practices, and release pipelines by championing improvements for identified process gaps, control enhancements, and other IR‑driven improvements be incorporated into product security standards.
• Oversight of Product Security Incidents
  • Oversee the response to critical product vulnerabilities, exploitation, and security defects across product lines.
  • Direct global incident response coordination with engineering, architecture, QA, legal, customer-facing teams, and communications.
  • Provide leadership to EMEIA and APAC-based Incident Coordinators to ensure unified global response practices.
• Responsible Disclosure Program Leadership
  • Provide executive oversight for the company’s responsible disclosure and external vulnerability intake program.
  • Establish expectations for researcher engagement, triage quality, and transparent communication.
  • Ensure disclosure processes align with legal, regulatory, and customer‑facing obligations.
• Critical Vulnerability Response Oversight
  • Provide top-level direction when critical-severity vulnerabilities require accelerated patching and coordinated releases.
  • Influence engineering priorities and ensure alignment across product, security, and architecture leadership.
  • Ensure root-cause insights drive systemic engineering improvements.
• Cross-functional Collaboration
  • Work jointly with the Director of Enterprise Incident Response & Remediation to govern global IR practices.
  • Lead coordination efforts major incidents with both enterprise and product impact.
  • Provide reciprocal leadership coverage to ensure seamless global response efforts
  • Maintains relationships with key stakeholders Client Technology and Regional Technology leaders to align and continuously improve remediation and response planning
• Leadership Attributes
  • Clear, authoritative communication with engineering and executive audiences.
  • Strong strategic judgement in weighing customer impact, engineering complexity, and business considerations.
  • Commitment to fostering a culture of security ownership across product teams.

What we offer you

At EY, we’ll develop you with future-focused skills and equip you with world-class experiences. We’ll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn more.

Are you ready to shape your future with confidence? Apply today.

To help create an equitable and inclusive experience during the recruitment process, please inform us as soon as possible about any disability-related adjustments or accommodations you may need.

EY | Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.