Director, Platform Security

Calling all originals: At Levi Strauss & Co., you can be yourself — and be part of something bigger. We’re a company of people who like to forge our own path and leave the world better than we found it. Who believe that what makes us different makes us stronger. So add your voice. Make an impact. Find your fit — and your future. 

We are looking a visionary and product-minded Director of Platform Security to lead our security architecture practices and be at the forefront of our digital transformation journey. This role is ideal for a strategic partner who excels at the intersection of security, usability, and automation to help the business. You will shape our security platform strategy, embed security into our development lifecycle, and lead a team of security engineers and architects that span our global retail, e-commerce, and enterprise platforms. You will have both technical expertise and partnership capability to promote secure innovation and provide scalable, developer-friendly solutions. You will report to the Senior Director of Enterprise Security.

About the Job 

Leadership and Strategy

• Provide transformational leadership for building the security roadmap for our global ecommerce platforms, corporate infrastructure, and retail environment. Build, mentor, and lead a team of engineers and architects supporting all countries around the globe and other LS&Co brands.

• Build bridges with Digital, Technology, Product, and Security leaders across the organization to ensure security is embedded in the operation and experience of our digital ecosystem.

• Deliver a flagship experience for our consumers, employees, and partners.

Security Architecture

• Provide architectural oversight of security infrastructure, including WAF/BOT and fraud protection, cloud security solutions, IAM/CIAM, and others. Ensure identification, prioritization, and remediation of vulnerabilities across customer-facing environments.

• Champion modern web frameworks within the MACH framework (Microservices, API-First, Cloud-Native, Headless) and DevOps/ Lean practices to ensure that our platforms stay secure and deliver value to our consumers.

Secure Development and Cloud Security

• Partner with product engineering teams to embed security into the software development lifecycle (SDLC) for e-commerce and mobile platforms, ensure secure coding practices, automated testing, and threat modeling.

• Lead the adoption and enforcement of cloud security best practices across AWS, Azure, or GCP environments, with a focus on scalability and resilience.

Compliance and Risk Management

• Support compliance programs and ensure regulatory compliance with industry security standards (e.g., ISO 27001, NIST, SOC 2, GDPR, HIPAA).

• Partner with security operations to ensure delivery of risk-resilient infrastructure and participate in incident response efforts including investigation, mitigation, and post-incident reviews to improve security posture.

About You 

• 10+ years of experience in security engineering, architecture, or technical product management, with tangible accomplishments in retail, ecommerce, or similar customer-facing digital experiences.

• Expertise in OWASP, CIS Benchmarks, SCAP, and secure coding practices.

• Experience with cloud platforms (AWS, Azure, GCP) and modern DevSecOps tooling; familiarity with Kubernetes, microservices, and serverless architectures.

• Working knowledge of encryption, tokenization, hashing, and data protection strategies; familiarity with authN/authZ patterns including OAuth, mTLS, OIDC, SAML, API keys, certificates, and credential lifecycle management.

• Subject matter expertise in identity management, both corporate and consumer identities, including lifecycle management, privileged access management, and ITDR.

• Experience embedding security into CI/CD and cloud-native environments.

• Expertise in leading diverse, geographically distributed teams and in navigating the complexities associated with different locations and time zones.

• Connect, communicate, inspire, and promote collaboration across a spectrum of departments and departments.

This is a remote role based in the United States.

The expected starting salary range for this role is $144,800 - $241,200 per year. We may ultimately pay more or less than the posted range based on the location of the role. The amount a particular employee will earn within the salary range will be based on factors such as relevant education, qualifications, performance and business needs.