Autodesk is a leader in software solutions for design and manufacturing. They are seeking a Product Security Compliance Manager to enhance security and compliance across their product portfolio, guiding teams through regulatory requirements and ensuring alignment with trust standards.
Responsibilities:
- Partner with Product Security Developers, security, product, and engineering teams to align security and privacy requirements with product architecture across desktop, hybrid cloud, and cloud-based products
- Lead and coordinate regulated compliance efforts such as ITAR and FedRAMP (including GovCloud deployments), supporting engineering teams through readiness, assessment, authorization, and ongoing compliance
- Translate regulatory, audit, security, privacy, resiliency, and Trusted AI requirements into clear, actionable guidance for product and engineering teams
- Collaborate across organizational boundaries with the corporate Trust organization to ensure alignment with enterprise trust standards, objectives, and reporting
- Lead cross-functional working groups for trust excellence and product certifications, participate in regionalization working groups, and contribute to continuous improvement initiatives
- Support the implementation and ongoing maintenance of internal Trust requirements, aligned with SOC 2, ISO/IEC 27001, and NIST SP 800-53 controls
- Track and report on product trust commitments across security, privacy, availability, resilience, and recoverability
- Coordinate audits, government assessments, and customer security or compliance reviews
- Support security testing activities, security awareness efforts, incident response follow-up, business continuity considerations, and trust documentation
Requirements:
- Bachelor's degree in Cybersecurity, Computer Information Systems, or a related field
- 4–6 years of experience in product security, security compliance, risk management, or trust-related roles
- Experience supporting engineering teams through ITAR, FedRAMP, and/or GovCloud compliance or certification efforts
- Knowledge of Secure Software Development Lifecycle (SSDLC) processes and best practices
- Understanding of information security risks and controls across application, data, infrastructure, and enterprise systems, preferably in cloud or hybrid environments (e.g., AWS)
- Familiarity with security and privacy frameworks and regulations such as SOC 2, NIST SP 800-53, ISO/IEC 27001, GDPR, and CCPA
- Experience working with engineering and security teams in a matrixed organization
- Strong communication, organizational, and documentation skills
- Desire to continue to learn and challenge yourself
- Able to travel as required (less than 25%)
- US Citizenship required
- CISSP, FedRAMP Practitioner, or CCSP certification
- Experience working with desktop software and cloud-connected or hybrid products
- Familiarity with regulated environments, data residency, or regionalization requirements
- Experience supporting audits, penetration testing, or vulnerability management programs