Head of Product Security
2 days old
Job details
| Company | Logitech |
| Category | Security |
| Workload | 100% |
| Salary (estimated) | CHF 88'000 – 112'000 / year |
| Home office | Remote work possible |
| Location | Lausanne |
Job description
Logitech is the Sweet Spot for people who want their actions to have a positive global impact while having the flexibility to do it in their own way.
Hybrid role - base 3 days on site
At Logitech, our purpose is to extend human potential in work and play.
We do this by designing software-enabled hardware solutions that drive superior performance when gaming and superior productivity while at work, all with maximum comfort, speed and accuracy. We enable creativity when pursuing passions and connectivity so everyone is seen, heard and can contribute in their own unique way.
As a Swiss company focused on innovation and quality, our products are the point of connection between people and the digital world. We harness the transformative power of design to drive innovation and progress throughout our portfolio in order to deliver truly unique and meaningful experiences. With products available in nearly every country and more than 3.5 million items shipped each week, Logitech is dedicated to driving outcomes that are better for people and planet, reducing our environmental impact by leading the industry in designing for sustainability.
The Team and Role:
The Head of Product Security is responsible for establishing, maintaining, and overseeing the comprehensive security strategy for all Logitech products and associated customer-facing services - including Internet of Things (IoT) devices, mobile applications, desktop software, and their related cloud infrastructure and services - throughout their entire lifecycle, ensuring compliance, protecting customer data, and preserving brand trust.
The Head of Product Security leads a dedicated team and a community of product security champions across the globe.
The role is based in Lausanne, and reports to the CISO.
Your Contribution:
Be Yourself. Be Open. Stay Hungry and Humble. Collaborate. Challenge. Decide and just Do. These are the behaviors you’ll need for success at Logitech.
In this role you will have the following responsibilities:
Strategic Leadership & Governance
Architect and execute a comprehensive product security strategy and roadmap aligned with business growth, reporting on risk posture and program performance to executive leadership.
Integrate Product Security resilience as a competitive differentiator, actively supporting brand trust, enabling new service-based revenue models, and mitigating P&L exposure from legal and product liability risks.
Develop and implement product security policies, standards, and guidelines.
Direct global regulatory compliance strategies for mandatory standards such as the EU CRA and UK PSTI, overseeing gap analysis and remediation across cross-functional teams.
Lead and mentor a high-performing security team while fostering a proactive, collaborative security culture across the global organization.
Secure Product Lifecycle & Engineering
Champion "Security by Design" by integrating secure development lifecycle practices into all IoT, mobile, desktop, and cloud infrastructure products and development teams.
Establish and enforce "Safe AI by Design" principles to ensure that AI models, training data, and deployed agents are protected against manipulation, adversarial attacks, prompt injection, and property theft.
Ensure mandatory disclosure and reporting requirements, such as vulnerability disclosure processes and security update periods, are publicly and accurately communicated.
Enforce robust supply chain and manufacturing security standards for Operations teams and third-party partners (JDM/ODM) and suppliers to protect firmware, source code, and production integrity.
Provide expert security advice, guidance and support to engineering and product teams.
Ensure product decommissioning to maintain security integrity throughout the entire product lifecycle.
Operational Defense & Assurance
Oversee comprehensive penetration testing and vulnerability management programs, driving the remediation lifecycle in collaboration with asset owners.
Establish proactive AI-enabled threat hunting capabilities to identify and mitigate existing and emerging attack vectors targeting company products.
Direct expert support and provide leadership for product-related security incidents, ensuring rapid response.
Key internal collaborations:
This role requires close collaboration with:
Product Development & Engineering Teams.
Operational Technology and Manufacturing Teams.
Cloud Operations Teams.
Data & Analytics Teams.
Legal & Compliance Teams.
Other Cybersecurity Functions.
Key Qualifications:
Experience and Technical Mastery
Minimum 12 years of experience in Product, Application, and Embedded Systems Security, with a proven history of both hands-on and leadership roles across multiplatform environments (IoT, mobile, cloud).
Deep mastery of Secure Software Development Lifecycle (SDLC) and DevSecOps principles, including scaling global programs, formal threat modeling, and security architecture review processes.
Advanced expertise in product security tooling: Proficient with Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), binary analysis, and fuzzing to identify and manage vulnerabilities.
Embedded and Hardware Security: Proven experience securing firmware, embedded systems, and Hardware Security Modules (HSMs), with a focus on secure provisioning and over-the-air (OTA) update mechanisms for IoT devices.
AI/ML Security: Deep technical understanding of adversarial AI, including mitigating risks such as data poisoning, model inversion, and prompt injection attacks.
Cryptography and PQC: Expertise in cryptographic design, PKI, and key management frameworks, including implementing cryptographic agility and planning strategic migration to post-quantum cryptography (PQC) standards.
Strategic Governance and Compliance
Knowledge of global product security regulations, including the EU Cyber Resilience Act (CRA), UK PSTI Act, and international vulnerability disclosure requirements.
Proven experience in third-party and supply chain security governance, specifically enforcing security standards for contract manufacturers (JDM/ODM) and component suppliers.
Leadership and Business Acumen
Exceptional communication skills with the ability to clearly articulate complex technical risks and strategic roadmaps to executive leadership and cross-functional teams.
Proven ability to conceptualize complex business and technical requirements into comprehensible security models, templates, and risk acceptance frameworks.
Demonstrated experience in developing, guiding, and mentoring high-performing cybersecurity and engineering teams.
Strong financial management skills for multi-year security programs, including budgeting, forecasting, and cost control.
Across Logitech we empower collaboration and foster play. We help teams collaborate and learn from anywhere without compromising on productivity or continuity, so it should be no surprise that most of our jobs are open to work from home from most locations. Our hybrid work model allows some employees to work remotely while others work on-premises. Within this structure, you may have teams or departments split between working remotely and working in-house.
Logitech is an amazing place to work because it is full of authentic people who are inclusive by nature as well as by design. Being a global company, we value our diversity and celebrate all our differences. Don’t meet every single requirement? Not a problem. If you feel you are the right candidate for the opportunity, we strongly recommend that you apply. We want to meet you!
We offer comprehensive and competitive benefits packages and working environments that are designed to be flexible and help you to care for yourself and your loved ones, now and in the future. We believe that good health means more than getting medical care when you need it. Logitech supports a culture that encourages individuals to achieve good physical, financial, emotional, intellectual and social wellbeing so we all can create, achieve and enjoy more and support our families. We can’t wait to tell you more about them, as there are too many to list here and they vary based on location.
All qualified applicants will receive consideration for employment without regard to race, sex, age, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
If you require an accommodation to complete any part of the application process, or are limited in your ability or unable to access or use this online application process and need an alternative method for applying, you may contact us toll free at +1-510-713-4866 for assistance and we will get back to you as soon as possible.