Product Security Lead

Join to apply for the Product Security Lead role at Proton

Join Proton and build a better internet where privacy is the default. Proton believes privacy is a fundamental human right and the cornerstone of democracy. Since 2014, we have provided free and open-source technology to millions, including Proton Mail, Proton VPN, Proton Calendar, Proton Drive, and Proton Pass.

• Proton offers products: Mail, Calendar, VPN, Pass, Drive, available on Windows, MacOS, iOS, and Linux.
• Our infrastructure is Linux-based.
• Where possible, we use open-source technologies.

You will be leading our efforts to ensure Proton's applications are secure.

• Set the north star – Define a compelling vision and roadmap for product security that inspires the whole organization.
• Build the function – Find the best people to work with you and build your dream product security team.
• Be the go-to hero for product security across the entire company, influencing strategy, design, and delivery.
• Architect secure products – Partner with product managers, designers, and developers to embed security from day one, turning risk-aware thinking into a habit.
• Create playbooks & policies – Design clear, developer-friendly security guidelines and automated workflows that keep code secure without slowing velocity.
• Empower engineers – Build tools, processes, and culture that let developers ship fast and safe.
• Lead the bug bounty program – Turn the global security community into an extension of our team.
• Influence roadmaps – Collaborate with product leads to ensure security is baked into every release.

• 10+ years in application security (SaaS or privacy-focused)
• Proven record leading security projects from concept to production
• Leadership style that blends constructive challenge with collaboration
• Hands-on experience with code reviews, penetration testing, or security tooling
• Track record defining and executing remediation plans
• Ability to translate technical detail into clear, actionable guidance for any audience
• Quick grasp of large, complex systems

• Experience with B2B product security features
• Knowledge of infrastructure security (hardware, networking, OS, file systems)
• Experience with cryptographic protocols or privacy-centric organizations
• Experience with utilizing open-source code at scale

Even if you don’t meet all the requirements, please apply if you think you could be a great fit.

• Office First: offices in Geneva, Zurich, Prague, Barcelona, Paris, London, Vilnius, Skopje, and Taipei. Remote options up to 30% of the time may be available depending on role.
• Technology: Devices and software provided to excel in your role.
• Food: Lunch and snacks provided at offices.
• Transport: Subsidized public transport, bike allowances, or parking as applicable.
• Stock Options: Stock options on joining Proton.
• Flexible Working: Define your own working hours where possible.
• Learning and Development: Training programs, conferences, and continual learning.
• Employee Benefits: Health insurance, retirement options, vacation and wellness programs.
• Work that Matters: Proton is community-first and revenue comes from user subscriptions.

We believe diversity drives innovation and are committed to fostering an inclusive environment where all individuals feel valued and empowered. We strive for equal opportunities, open dialogue, and continuous learning to ensure every voice is heard and respected.

If you need any extra support or reasonable adjustments during the hiring process, please contact your talent partner.

When you apply for a position, your information is stored in Greenhouse in accordance with their Service Privacy Policy. We retain information to evaluate suitability for the posted position and for future roles that may align with your background. If you wish to access, correct, or delete your data, contact our privacy team at careers@proton.ch. Proton does not accept unsolicited resumes from any sources other than directly from candidates.

To learn more about our privacy policy, please visit our privacy policy page.