Product Security Lead

Barcelona; Geneva; London; Paris; Join Proton and build a better internet where privacy is the default At Proton, we believe that privacy is a fundamental human right and the cornerstone of democracy. Since our inception in 2014, founded by a team of scientists from CERN, we have dedicated ourselves to providing free and open-source technology to millions worldwide, ensuring access to privacy, security, and freedom online. Our journey began with Proton Mail, the largest secure email service globally, and has since expanded to include Proton VPN, Proton Calendar, Proton Drive, and Proton Pass. These tools empower individuals and organizations to take control of their personal data, break away from Big Tech’s invasive practices, and defeat censorship. Our work impacts hundreds of millions of lives, from activists on the front lines defending freedom to leaders in governments protecting sensitive information. In some cases, Proton’s services have even been instrumental in saving lives by enabling secure and private communications in high-risk situations. Proton is a profitable company that does not rely upon VC funding, supporting over 100 million user accounts with a growing team of over 500 people from over 50 different countries, from the world's top companies and universities. We value intelligence, learning potential, and ambition in our hiring process. Adaptability is key as we navigate uncharted territories and redefine how business is conducted online. Hiring at Proton is highly selective, with less than 1% of candidates hired. We believe smaller teams of exceptional talent will always prevail over larger teams with lower talent density. You will have the opportunity work with many of the world's top minds in their fields, ranging from former international math and science olympiad winners to chess champions. We have a global mindset and big ambitions but remain a start-up at heart. We value empowerment and flexibility and keep our structure flat to keep moving fast and avoid unnecessary politics. Tired of blending into the crowd? Join us and do work you can truly be proud of. Check our open-source projects here! The Team: We’re looking for a visionary security professional who combines deep expertise with genuine passion; to drive meaningful change across our growing organisation. This role sits at the heart of what Proton stands for and fulfills the trust our users place in us every day. You’ll be encouraged to challenge the status quo, innovate efficiently, and collaborate daily with some of the brightest minds who truly care about protecting privacy and building secure products. Tech Stack and Tools:

• Proton currently offers the following products: Mail, Calendar, VPN, Pass, Drive,... each available on Windows,... MacOS,... iOS,... Linux.
• Our infrastructure is entirely composed of Linux machines.
• Wherever we can,... use open-source technologies.

About the role: You will be leading our efforts to ensure that Proton's applications are secure. What you will be doing:

• Set the north star – Define a compelling vision...
• Build the function – Find best people...
• Be go-to hero-in – Serve as go-to person...
• Architect secure products – Partner with product managers...
• Create playbooks & policies – Design clear guidelines...
• Empower engineers – Build tools/processes...
• Lead bug bounty program – Turn global community into extension...
• Influence roadmaps – Shape priorities ensuring security baked into releases.

What we are looking for:

• 10+ years in application security (SaaS or privacy-focused)
• Proven record leading security projects from concept to production
• Leadership style blending constructive challenge with collaboration
• Hands-on experience with code reviews,... penetration testing,... security tooling
• Track record defining/executing remediation plans
• Ability translate technical detail into clear actionable guidance for any audience.
• Quick grasp large complex systems

Nice to have:

• Experience B2B product security features
• Knowledge infrastructure security (hardware,... networking,... OS,... file systems)
• Experience cryptographic protocols or prior work at privacy-centric orgs.
• Experience utilizing open-source code at scale

Even if you don’t meet all requirements but feel great fit please apply. What We Offer

• Office First: Collaboration easier/effective in person; offices Geneva,... Zurich,... Prague,... Barcelona,... Paris,... London,... Vilnius,... Skopje,... Taipei; up to 30% remote work; fully remote positions may be available depending on role.
• Technology: Devices/software provided for excellence.
• Food: Lunch/snacks daily at offices.
• Transport: Support transport costs via subsidies based on office location.
• Stock Options: All owners get stock options when joining.
• Flexible Working: Define own hours compatible with meetings.
• Learning & Development: Training programs/conferences/events/continual learning offered.
• Employee Benefits: Health insurance plans/retirement savings/vacation/wellness programs.
• Work that Matters: Community-first org built on crowdfunding; revenue solely user subscriptions; over 100 million users trust/support Proton putting users first; read more about impact here.

Our Commitment to Diversity & Inclusion At Proton diversity drives innovation strengthens mission provide privacy default for all; committed fostering inclusive environment valuing empowering all individuals regardless race/ethnicity/gender/age/sexual orientation/physical ability/socio-economic background; strive equal opportunities/open dialogue/support continuous learning ensuring every voice heard/respected; If extra support or reasonable adjustments needed during hiring process please contact talent partner. Candidate Privacy Notice When applying or considered for role your info stored Greenhouse per Service Privacy Policy used evaluate suitability for position retained for future roles aligned background/skills; info deleted/anonymized if no longer needed; inquiries contact careers@proton.ch; Proton does not accept unsolicited resumes except directly from candidates nor pay fees for unsolicited offers even if candidate hired; to learn more visit our privacy policy page;

LI-Onsite