Product Security Compliance Manager
Autodesk
Job Summary
Join Autodesk's Fusion Platform team as a Product Security Compliance Manager, focusing on embedding security, resiliency, and compliance across desktop, hybrid cloud, and cloud-based products. This strategic, hands-on role involves guiding engineering and product teams through regulated compliance efforts like ITAR and FedRAMP, coordinating internal Trust requirements aligned with SOC 2, ISO/IEC 27001, and NIST SP 800-53, and collaborating across organizational boundaries to manage risk and support product delivery.
Must Have
- Partner with Product Security Developers, security, product, and engineering teams to align security and privacy requirements with product architecture.
- Lead and coordinate regulated compliance efforts such as ITAR and FedRAMP (including GovCloud deployments).
- Translate regulatory, audit, security, privacy, resiliency, and Trusted AI requirements into clear, actionable guidance.
- Collaborate across organizational boundaries with the corporate Trust organization to ensure alignment with enterprise trust standards.
- Lead cross-functional working groups for trust excellence and product certifications.
- Support the implementation and ongoing maintenance of internal Trust requirements aligned with SOC 2, ISO/IEC 27001, and NIST SP 800-53 controls.
- Track and report on product trust commitments across security, privacy, availability, resilience, and recoverability.
- Coordinate audits, government assessments, and customer security or compliance reviews.
- Support security testing activities, security awareness efforts, incident response follow-up, business continuity considerations, and trust documentation.
- 4–6 years of experience in product security, security compliance, risk management, or trust-related roles.
- Experience supporting engineering teams through ITAR, FedRAMP, and/or GovCloud compliance or certification efforts.
- Knowledge of Secure Software Development Lifecycle (SSDLC) processes and best practices.
- Understanding of information security risks and controls across application, data, infrastructure, and enterprise systems, preferably in cloud or hybrid environments (e.g., AWS).
- Familiarity with security and privacy frameworks and regulations such as SOC 2, NIST SP 800-53, ISO/IEC 27001, GDPR, and CCPA.
- Experience working with engineering and security teams in a matrixed organization.
- Strong communication, organizational, and documentation skills.
Good to Have
- CISSP, FedRAMP Practitioner, or CCSP certification.
- Experience working with desktop software and cloud-connected or hybrid products.
- Familiarity with regulated environments, data residency, or regionalization requirements.
- Experience supporting audits, penetration testing, or vulnerability management programs.
Perks & Benefits
- Health benefits
- Financial benefits
- Time away
- Everyday wellness
- Annual cash bonuses
- Stock grants
Job Description
Job Requisition ID # 25WD94389
Position Overview
Join Autodesk’s Fusion Platform team within the Product Design and Manufacturing Solutions (PDMS) organization as a Product Security Compliance Manager, helping embed security, resiliency, and compliance across a portfolio of desktop, hybrid cloud, and cloud-based products.
The Fusion Platform organization is on a multi-year journey to transform design-to-manufacturing workflows by converging cloud-based, device-independent, and highly scalable platform technologies. As Autodesk continues its transformation toward cloud-connected and integrated design and manufacturing workflows, strong security, privacy, and regulatory compliance are essential to delivering trusted products at scale.
Reporting to the Director, Platform Programs, you will partner closely with Product Security Developers, security, product, and platform teams, as well as Autodesk’s corporate Trust organization. You will guide engineering and product teams through regulated compliance efforts such as ITAR and FedRAMP (including GovCloud deployments), while coordinating the implementation of internal Trust requirements across security, privacy, resiliency, and Trusted AI, aligned with SOC 2, ISO/IEC 27001, and NIST SP 800-53.
This is a strategic, hands-on role for someone who enjoys working with developers, translating regulatory and trust requirements into practical guidance, and collaborating across organizational boundaries to manage risk and support product delivery.
Responsibilities
- Partner with Product Security Developers, security, product, and engineering teams to align security and privacy requirements with product architecture across desktop, hybrid cloud, and cloud-based products
- Lead and coordinate regulated compliance efforts such as ITAR and FedRAMP (including GovCloud deployments), supporting engineering teams through readiness, assessment, authorization, and ongoing compliance
- Translate regulatory, audit, security, privacy, resiliency, and Trusted AI requirements into clear, actionable guidance for product and engineering teams
- Collaborate across organizational boundaries with the corporate Trust organization to ensure alignment with enterprise trust standards, objectives, and reporting
- Lead cross-functional working groups for trust excellence and product certifications, participate in regionalization working groups, and contribute to continuous improvement initiatives
- Support the implementation and ongoing maintenance of internal Trust requirements aligned with SOC 2, ISO/IEC 27001, and NIST SP 800-53 controls
- Track and report on product trust commitments across security, privacy, availability, resilience, and recoverability
- Coordinate audits, government assessments, and customer security or compliance reviews
- Support security testing activities, security awareness efforts, incident response follow-up, business continuity considerations, and trust documentation
Minimum Qualifications
- Bachelor's degree in Cybersecurity, Computer Information Systems, or a related field
- 4–6 years of experience in product security, security compliance, risk management, or trust-related roles
- Experience supporting engineering teams through ITAR, FedRAMP, and/or GovCloud compliance or certification efforts
- Knowledge of Secure Software Development Lifecycle (SSDLC) processes and best practices
- Understanding of information security risks and controls across application, data, infrastructure, and enterprise systems, preferably in cloud or hybrid environments (e.g., AWS)
- Familiarity with security and privacy frameworks and regulations such as SOC 2, NIST SP 800-53, ISO/IEC 27001, GDPR, and CCPA
- Experience working with engineering and security teams in a matrixed organization
- Strong communication, organizational, and documentation skills
- Desire to continue to learn and challenge yourself
- Able to travel as required (less than 25%)
Preferred Qualifications
- CISSP, FedRAMP Practitioner, or CCSP certification
- Experience working with desktop software and cloud-connected or hybrid products
- Familiarity with regulated environments, data residency, or regionalization requirements
- Experience supporting audits, penetration testing, or vulnerability management programs
Learn More
Benefits
From health and financial benefits to time away and everyday wellness, we give Autodeskers the best, so they can do their best work. Learn more about our benefits in the U.S. by visiting https://benefits.autodesk.com/
Salary transparency
Salary is one part of Autodesk’s competitive compensation package. For U.S.-based roles, we expect a starting base salary between $103,800 and $179,080. Offers are based on the candidate’s experience and geographic location, and may exceed this range. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.
Equal Employment Opportunity
At Autodesk, we're building a diverse workplace and an inclusive culture to give more people the chance to imagine, design, and make a better world. Autodesk is proud to be an equal opportunity employer and considers all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender, gender identity, national origin, disability, veteran status or any other legally protected characteristic. We also consider for employment all qualified applicants regardless of criminal histories, consistent with applicable law.
Diversity & Belonging
We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here: https://www.autodesk.com/company/diversity-and-belonging
Are you an existing contractor or consultant with Autodesk?
Please search for open jobs and apply internally (not on this external site).