IT&D Director, Security Architecture and Product Security
We are Reckitt
Information Technology & Digital
In IT and D, you'll be a force for good, whether you're championing cyber security, defining how we harness the power of technology to improve our business, or working with data to guide the innovation of consumer loved products. Working globally across functions, you'll own your projects and process from start to finish, with the influence and visibility to achieve what needs to be done. And if you're willing to bring your ideas to the table, you'll get the support and investment to make them happen. Your potential will never be wasted. You'll get the space and support to take your development to the next level. Every day, there will be opportunities to learn from peers and leaders through working on exciting, varied projects with real impact. And because our work spans so many different businesses, from Research and Product Development to Sales, you'll keep learning exciting new approaches.
About the role
The IT&D Director – Security Architecture and Product Security will lead our security technology and architecture roadmap to eliminate complexity and accelerate the adoption of innovative, platform-based solutions. The role defines the enterprise security architecture framework and governs the design assurance process and reference architecture. Furthermore, they will orchestrate the Secure Software Development Lifecycle (SSDLC), managing a modern security toolchain (SAST, DAST, SCA) to ensure robust SBOM compliance.
Your responsibilities
Leadership
- As a key member of the Cyber Leadership Team, you will build and scale a high-performing team of Security Architects and Software Security Specialists. You will lead these technical experts as strategic 'Security Partners' who don’t just govern but actively enable the business to innovate securely at pace.
Security Technology Strategy & Platform Transformation
- Lead the multi-year security technology roadmap, intentionally moving from a fragmented landscape toward a Security-as-a-Platform model. Your goal is to reduce "undifferentiated complexity" so the broader Cyber team can focus on high-value activities.
- Act as the primary scout for emerging technologies, specifically driving the adoption of Agentic AI and GenAI within the security stack to automate core cyber processes.
Enterprise Security Architecture & Governance
- Define and maintain the Enterprise Security Architecture Framework, encompassing all reference architectures, security principles, and technical standards, e.g. Cloud (Azure/GCP) and manufacturing.
- Oversee the formal Security Design Assurance process. Your team of architects will act as the "Security Design Authority," ensuring all new projects meet a standardized set of non-functional security requirements (NFRs) before moving to build.
- Develop and publish "Gold Standard" security patterns that allow product, project and engineering teams to build securely by default without starting from scratch.
Secure Software Development Lifecycle (SSDLC)
- Mandate and govern the global Secure Software Development Lifecycle. You are responsible for ensuring that security is "shifted left"—integrated into the initial requirements and design phases.
- Own the strategy and operational effectiveness of the "Security Toolchain." This includes the integration and tuning of SAST (Static Analysis), DAST (Dynamic Analysis), and SCA (Software Composition Analysis) within the CI/CD pipelines.
- Lead the technical implementation of Software Bill of Materials (SBOM) tracking to ensure transparency and traceability of third-party and open-source components.
Threat Modelling & Technical Consultancy
- Drive a culture of proactive threat modelling across all teams. Your team will facilitate sessions to identify architectural weaknesses and logic flaws in the design phase of high-risk applications.
- Provide broad, high-level technical support for complex projects.
The experience we're looking for
- Architectural Leadership at Scale: Proven track record of defining and executing Enterprise Security Architecture.
- Modern Engineering & DevSecOps Expertise: Experience leading Secure Software Development Lifecycles (SSDLC), including the successful integration of automated security toolchains.
- AI & Emerging Tech Knowledge: Thought leadership on how AI and innovative technology can benefit the Cyber Security function.
- People Leadership skills: Experienced in building and mentoring high-performing, multi-hub technical teams.
- Ability and desire to scale knowledge and learning.
- Strong analytical and consulting skills, rooted in the ability to draw and communicate insights from multiple data points.
- Strong verbal and written communication skills, with particular ability to communicate technical information to non-technical senior stakeholders and to listen to identified concerns and adapt accordingly.
- Technical familiarity with securing GenAI and Large Language Model (LLM) platforms, specifically within Azure and Databricks environments, including knowledge of AI-specific threats.
The skills for success
Enterprise Security Architecture, Programme Management, Secure Software Development Lifecycle, SSDLC, Digital Strategy, Product Solution Architecture, Data Governance, Product Compliance, Digital Transformation, Stakeholder Relationship Management, Outstanding Communication, Stakeholder Engagement, Innovation Processes, Innovation, User Experience Design.