ricoh
Principal Product Security Manager
Job description
About Ricoh
A global leader in digital services, recognised for innovation, sustainability and a people-first culture. We feature in the Gartner Magic Quadrant, are listed in the Global 100 Most Sustainable Companies, and have been named one of Forbes’ World’s Best Employers 2025.
At Ricoh, we believe people do their best work when they feel valued and supported. We create inclusive workplaces where you can grow, contribute, and make a positive impact while helping to build a more sustainable future.
Find your place. Transform your future
Our purpose is centred on understanding and improving how people work. By focusing on real working experiences, we support individuals to develop their skills, realise their potential and do work that feels meaningful.
People transform when they Love What They Do
This belief sits at the heart of The Ricoh Promise. It guides how we recruit, how we support our people, and how we work together every day, creating an environment where you can grow, feel valued and make a difference.
When you join us, you are encouraged to share your ideas, challenge the way things are done, and work with others to build something better. If you are looking for a place where your voice is heard, your development is supported, and your work feels meaningful, you will feel at home at Ricoh.
Ricoh Europe is investing in the capabilities needed to protect our diverse and rapidly evolving product and service landscape. As part of this journey, we are looking for a Principal Product Security Manager to build and lead a new Secure Development Practice that strengthens how we design, develop and deliver secure software across Europe.
This is a high‑impact leadership role working closely with senior executives, engineering teams, product leaders and global security stakeholders to define and embed secure development standards across the entire technology portfolio.
#RicohEurope
What you will be doing
As the Principal Product Security Manager, you will be accountable for establishing a robust, modern Secure Development Lifecycle (SDLC) framework across Ricoh Europe. This includes developing policy, setting and enhancing engineering standards, building a centre of excellence, shaping security tooling and governance, and ensuring secure practices are adopted consistently across regions.
You will manage a small high‑performing core team and build a wider virtual team of technical contributors across Europe. Operating as part of Ricoh’s senior security leadership, you will influence delivery teams, challenge existing norms and drive a culture of “shift left” to significantly reduce security vulnerabilities across our products and services.
This role has strategic and operational breadth, requiring both strong engineering expertise and exceptional leadership, communication and stakeholder‑engagement skills.
Key responsibilities include
Leadership, Strategy and Governance
- Creating and leading a small team of advanced security specialists, including talent acquisition, coaching and performance management
- Building a pan‑European virtual network of technical contributors to embed secure development capability across regions
- Working with senior executives, product leaders and global teams to align on global secure development practices
- Developing a comprehensive secure development policy framework aligned to NIST SSDF, OWASP SAMM/ASVS, ISO 27034 and our own internal standards
- Managing the secure development budget and building business cases supporting investment in security improvements
SDLC Framework Ownership
- Designing/enhancing secure engineering guardrails, coding standards, and lifecycle governance policies
- Leading the rollout and adoption of secure development frameworks across multiple engineering teams as well as managing where we already have this capability
- Ensuring alignment with regulatory standards, security baselines and organisational risk priorities
- Conducting internal audits, defining KPIs and reporting performance trends across teams
Tooling and Engineering Enablement
- Developing a tooling strategy for secure development, including CI/CD integration, SCM, SAST, SCA and automated testing
- Leading the implementation of secure pipelines, reference environments and developer-friendly controls
- Defining best practices for code quality, defect reduction and testing maturity
- Supporting supply chain security, including SBOMs, provenance checks, artefact security and signing
Training, Stakeholder Engagement and Culture
- Building a centre of excellence offering clear guidance, training and reference material for secure development
- Delivering education on secure coding, threat modelling and SDLC best practice
- Challenging current norms and helping teams balance efficient delivery with robust security
- Supporting creation of security champions communities across Europe
Continuous Improvement
- Conducting maturity assessments and driving improvement roadmaps
- Staying ahead of emerging threats, tooling and secure engineering trends
- Ensuring incident readiness, forensic logging and integration with SRE/SOC playbooks
You will ideally have
Technical Expertise
- Strong background in secure development, SDLC governance and software engineering
- Experience with NIST SSDF, OWASP SAMM/ASVS, ISO 27034 or similar frameworks
- Deep understanding of secure coding, cryptography, and vulnerability prevention (e.g., OWASP Top 10, API Top 10)
- Hands‑on familiarity with CI/CD pipelines, SAST/SCA tooling, fuzz testing and code quality processes
- Experience building or maintaining SBOMs, supply chain security and provenance controls
- Cloud security knowledge (IAM, encryption, configuration hardening), ideally with Azure
- Ability to interpret red team findings and translate attack chains into practical mitigation strategies
Leadership and Stakeholder Skills
- Proven experience managing senior technical specialists and leading multi‑disciplinary teams
- Skilled in steering large‑scale business change and building virtual teams across regions
- Strong communicator capable of simplifying complex technical issues for executives
- Ability to influence, negotiate and challenge without direct authority
- Experience presenting to senior leadership, including board‑level stakeholders
Business and Strategic Acumen
- Strong understanding of product lifecycle management, engineering processes and commercial drivers
- Ability to embed security within agile delivery, DevOps workflows and hybrid models
- Experience in regulated environments and awareness of legal/compliance expectations
- Ability to deliver business value through improved security, consistency and resilience
Qualifications & Experience
- Degree in Computer Science, Software Engineering or similar (or equivalent experience)
- Certifications such as CISSP or CSSLP are highly advantageous
- Senior‑level experience (e.g., Head of Secure Development, Director of Secure Engineering) in enterprise‑scale environments
- Evidence of improving SDLC performance, implementing governance controls and influencing engineering teams
In return for your commitment, you can expect
At Ricoh, work should feel meaningful, supportive and fulfilling. The Ricoh Promise shapes your experience through four pillars that bring our culture to life.
Love to Connect
You become part of a global community built on openness, inclusion and genuine collaboration. Across teams, countries and roles, you'll find people who listen, involve and encourage you - helping you feel valued and able to be yourself every day.
Love to Grow
Your development truly matters to us. With access to learning pathways, mentoring and career opportunities across functions and countries, you'll be supported to stretch your skills, explore new directions and stay future-ready in a changing world.
Love to Give Back
Purpose is part of how we work. You'll have opportunities to make a difference through volunteering, sustainability initiatives and community programmes that reflect our shared values and commitment to positive impact.
Love to Succeed
Success at Ricoh is something we pursue together. You'll benefit from fair rewards, flexible working, wellbeing resources and real recognition - including programmes such as the Imagine. Change. Awards, where colleagues celebrate each other's achievements.
We are an equal opportunities employer
We believe that diverse perspectives make us stronger, and we welcome applications from people of all backgrounds, identities, and experiences. Our hiring decisions are based on skills, experience and potential, and we are committed to creating a fair and inclusive recruitment process. If you require any reasonable adjustments at any stage of the recruitment journey, please let us know and we will support you to bring your best self forward.
Ready to love what you do? Apply now and help us shape what comes next.


