Security Product Owner for Privilege & Access Management

Welcome to Haleon. We’re a purpose\-driven, world\-class consumer company putting everyday health in the hands of millions. In just three years since our launch, we’ve grown, evolved and are now entering an exciting new chapter – one filled with bold ambitions and enormous opportunity.

Our trusted portfolio of brands – including Sensodyne®, Panadol®, Advil®, Voltaren®, Theraflu®, Otrivin®, and Centrum® – lead in resilient and growing categories. What sets us apart is our unique blend of deep human understanding and trusted science.

Now it’s time to fully realise the full potential of our business and our people. We do this through our Win as One strategy. It puts our purpose – to deliver better everyday health with humanity – at the heart of everything we do. It unites us, inspires us, and challenges us to be better every day, driven by our agile, performance\-focused culture.

• *About the role**

The Security Product Owner for Privilege \& Access Management is accountable for leading the development, execution, and continuous improvement of Privilege and Access Management platforms across Haleon which support our Cyber posture and regulatory requirements. This role provides delivery leadership for globally distributed engineering teams and serves as a co\-owner of cyber product strategy and roadmaps in partnership with the Haleon architecture function. The position requires functional knowledge in Privilege Management product capabilities, strong cross\-functional leadership, and the ability to influence without direct authority across engineering, architecture, operations, and cyber defense teams.

The individual will provide leadership on a team of engineers and subject matter experts responsible for capability development, enhancement, and operational sustainment. The successful candidate will have demonstrated experience delivering enterprise\-scale security capabilities, tracking and reporting measurable outcomes, and partnering with senior leaders (Director, VP, and occasionally CISO staff) to communicate progress, risk posture, and investment needs.

• *Role Responsibilities**

• *Strategic Planning** **\& Co\-ownership of** **Roadmaps**

• Be accountable for Privilege Management controls across the Haleon Enterprise. Engaging with GRC, I.T., Cyber Defense teams to ensure end\-to\-end integration and coverage of privilege management
• Own relationship and engagement with I.T. Operations, Governance, Risk and Compliance and delivery functions
• Own relationship with vendors and suppliers across the privilege management domain, initiating regular performance reviews and support procurement with renewals
• Provide regular reporting of status and progress to Haleon leadership
• Co‑develop a **3**‑**year cyber product capability maturity roadmap** with Haleon’s architecture function.
• Contribute subject matter expertise on privilege management across group
• Ensure strategic alignment and end to end integration across all other cyber towers and business owners

• *Product Ownership \& Delivery Leadership**

• Serve as the primary owner of execution for all privilege management and access, capabilities, and enhancements.
• Lead cross‑functional delivery teams across engineering, architecture, and operations, ensuring consistent execution of roadmap commitments.
• Own the product backlog including intake, refinement, prioritization, sequencing, and communication of delivery outcomes.
• Ensure security capabilities are designed and implemented for scalability, operational sustainability, and compliance with enterprise standards.

• *Operational Responsibility**

• Maintain shared responsibility for operational run‑state quality, ensuring that capabilities are reliable, measurable, and integrated into operational workflows.
• Ensure appropriate operational readiness before major releases, including runbooks, support processes, and monitoring.
• Partner with operations teams to address post‑deployment issues, scalability concerns, and continuous improvement opportunities.

• *Performance Measurement \& Metrics**

• Manage and report on Vendor/Supplier KPIs
• Develop and maintain Key Control Indicators (KCIs) and Key Risk Indicators (KRIs) with reproducible, transparent measurement methodologies.
• Track and report posture, control effectiveness, adoption, and operational performance indicators.
• Present regular progress updates, dashboards, and risk summaries to Director and VP‑level stakeholders.

• *Resource \& Cost Awareness**

• Provide input into cost forecasting and monitor cost drivers related to Privilege \& Access Management
• Maintain accountability for delivering within cost expectations while not directly owning budget approval processes.

• *Leadership \& Talent Development**

• Work across matrixed organizations supporting Solution Architecture and Cyber Defense
• Lead and develop 2\-3 engineers/SMEs, ensuring strong technical capability, performance management, and succession planning.
• Manage outsourced teams and Managed Service Providers
• Cultivate a culture of delivery excellence, operational discipline, and continuous improvement.

• *Stakeholder Engagement**

• Partner closely with Cyber Defense teams (SOC, IR, Insider Threat, Vulnerability Management, Threat Intelligence, and Forensics) to ensure capabilities support detection and response needs.
• Collaborate across cloud engineering, data platform, DevOps, and enterprise IT teams to drive adoption and integration of privilege management.
• Communicate progress, risks, decisions, and tradeoffs clearly to Director, VP, and occasional CISO\-level stakeholders.

• **Why you?***

• *Basic Qualifications:**

• 8\+ years of experience in cybersecurity product management, cloud/data security, or enterprise technology leadership roles.
• Proven experience leading delivery of complex, multi‑platform security capabilities in large enterprises.
• Strong technical literacy in privilege management concepts, including no\-standing privilege concepts.
• Experience with Identity and Privilege products such as CyberArk and SailPoint
• Demonstrated experience managing global teams and influencing across organizational boundaries.
• Strong communication, stakeholder management, and executive reporting skills.

• *Preferred Qualifications:**

• Experience collaborating with architecture teams on multi‑year strategy development.
• Experience supporting SOC/IR/DFIR operations with integrated cyber capabilities.
• Background in integration strategy, and enterprise\-scale security modernization.
• Professional certifications (preferred, not required).

• *Job Posting End Date**

2026\-06\-29**Equal Opportunities**

• ----------------------

Haleon are committed to mobilising our purpose in a way that represents the diverse consumers and communities who rely on our brands every day. It guides us in creating an inclusive culture, where different backgrounds and views are valued and respected – all in support of understanding and best serving the needs of our consumers and unleashing the full potential of our people. It’s important to us that Haleon is a place where all our employees feel they truly belong.

During the application process, we may ask you to share some personal information, which is entirely voluntary. This information ensures we meet certain regulatory and reporting obligations and supports the development, refinement, and execution of our inclusion and belonging programmes that are open to all Haleon employees.

The personal information you provide will be kept confidential, used only for legitimate business purposes, and will never be used in making any employment decisions, including hiring decisions.

• *Adjustment or Accommodations Request**
• ---------------------------------------

If you require a reasonable adjustment or accommodation or other assistance to apply for a job at Haleon at any stage of the application process, please let your recruiter know by providing them with a description of specific adjustments you are requesting. We’ll provide all reasonable adjustments to support you throughout the recruitment process and treat all information you provide us in confidence.

• *Note to candidates**
• ---------------------

The Haleon recruitment team will contact you using a Haleon email account (@haleon.com). If you are not sure whether the email you received is from Haleon, please get in touch.