Job Description
Company Overview
Milestone Technologies is a global IT managed services firm that partners with organizations to scale their technology, infrastructure and services to drive specific business outcomes such as digital transformation, innovation, and operational agility. Milestone is focused on building an employee-first, performance-based culture and for over 25 years, we have a demonstrated history of supporting category-defining enterprise clients that are growing ahead of the market. The company specializes in providing solutions across Application Services and Consulting, Digital Product Engineering, Digital Workplace Services, Private Cloud Services, AI/Automation, and ServiceNow. Milestone culture is built to provide a collaborative, inclusive environment that supports employees and empowers them to reach their full potential.
Our seasoned professionals deliver services based on Milestone’s best practices and service delivery framework. By leveraging our vast knowledge base to execute initiatives, we deliver both short-term and long-term value to our clients and apply continuous service improvement to deliver transformational benefits to IT. With Intelligent Automation, Milestone helps businesses further accelerate their IT transformation. The result is a sharper focus on business objectives and a dramatic improvement in employee productivity. Through our key technology partnerships and our people-first approach, Milestone continues to deliver industry-leading innovation to our clients. With more than 3,000 employees serving over 200 companies worldwide, we are following our mission of revolutionizing the way IT is deployed.
Job Overview
Third Party Product Security Auditor
About the Role
The Third Party Product Security Auditor is responsible for leading security programs with Contract Manufacturing (CM), Research and Development (R&D), and Original Design Manufacturer (ODM) partners who build innovative consumer electronics hardware. This role ensures the secrecy and security of Meta's intellectual property at production sites and third-party locations. The auditor will develop, implement, and validate security program best practices, assess third parties' security posture, and reduce risks in hardware production environments. This position requires building strategic relationships with internal teams and external vendors to develop long-term risk mitigation strategies.
Responsibilities
- Support third-party CM/R&D/ODM vendor manufacturing site activities, including production area, warehouse, and infrastructure security programs
- Provide guidance on best-in-class intellectual property protection programs for confidential projects
- Conduct ongoing onsite and virtual assessments of Meta contract manufacturing sites to identify physical security vulnerabilities
- Manage the onsite assessment and audit process, including documentation verification and validation of procedures or physical security controls provided by suppliers
- Apply auditing principles, analyze records, prepare reports, and recommend improvements in alignment with ISO 19011
- Facilitate communication between management, audit participants, and third parties, including conducting opening and closing meetings
- Oversee GPS Audit Management System alignment to CTPAT & TAPA criteria and integration into the company's Third Party Oversight & Management initiative
- Assist with creating, distributing, and maintaining the end-to-end audit management system and program to ensure customer requirements are met
- Monitor third-party adherence to supplier contracts, the physical security addendum, and customer requests
- Oversee programs from product conception through downcycling, supporting development teams in protecting projects and keeping them moving forward
- Develop and maintain standards, risk management approaches, and internal checks and balances
- Maximize partnerships with internal teams (Operations, Hardware Engineering, Legal, Security) and external cross-functional and third-party vendor teams
- Coordinate and facilitate meetings with internal and external partners; conduct project planning and execution
- Connect gaps observed across cross-functional teams to drive resolution
- Maintain confidentiality of all audit information related to third-party suppliers
- Travel extensively in NORAM and other regions as business needs require
Minimum Requirements
- Bachelor's degree in Security Management, Criminal Justice, Engineering, Supply Chain Management, or a related field (or equivalent experience)
- 5+ years of experience in physical security, supply chain security, or security auditing within manufacturing or hardware production environments
- Professional knowledge of information security practices in manufacturing environments, including PCBA and silicon fabrication processes
- Demonstrated experience conducting security audits and assessments against industry frameworks (e.g., CTPAT, TAPA, ISO 19011)
- Experience developing and implementing security programs for third-party or contract manufacturing partners
- Strong understanding of intellectual property protection in hardware development and production settings
- Ability to travel extensively (domestic and international)
- Strong written and verbal communication skills, with the ability to produce clear audit reports and present findings to diverse stakeholders
- Proven ability to manage cross-functional relationships and influence without direct authority
Preferred Qualifications
- Certified Protection Professional (CPP) or Physical Security Professional (PSP) certification through ASIS International
- CTPAT (Customs-Trade Partnership Against Terrorism) certification or validated knowledge of CTPAT requirements
- TAPA (Transported Asset Protection Association) certification (FSR, TSR, or PSR)
- ISO 19011 Lead Auditor certification or formal auditor training
- Experience working in or auditing consumer electronics, semiconductor, or hardware manufacturing environments
- Familiarity with silicon fabrication, PCBA assembly, and hardware prototype security protocols
- Prior experience managing security programs for large-scale, multi-site contract manufacturing operations
- Experience with audit management systems and security program lifecycle management tools
- Working knowledge of supply chain risk management frameworks
- Multilingual capability (e.g., Mandarin, Vietnamese, Spanish) given international travel requirements
- Prior experience in a corporate security or global protective services role at a technology company
- Project Management Professional (PMP) or equivalent project management certification
Compensation
Estimated Pay Range: $106400.00 - $115,600.00 USD/yr
Exact compensation and offers of employment are dependent on circumstances of each case and will be determined based on job-related knowledge, skills, experience, licenses or certifications, and location.
Our Commitment to Diversity & Inclusion
At Milestone we strive to create a workplace that reflects the communities we serve and work with, where we all feel empowered to bring our full, authentic selves to work. We know creating a diverse and inclusive culture that champions equity and belonging is not only the right thing to do for our employees but is also critical to our continued success.
Milestone Technologies provides equal employment opportunity for all applicants and employees. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, gender, gender identity, marital status, age, disability, veteran status, sexual orientation, national origin, or any other category protected by applicable federal and state law, or local ordinance. Milestone also makes reasonable accommodations for disabled applicants and employees.
We welcome the unique background, culture, experiences, knowledge, innovation, self-expression and perspectives you can bring to our global community. Our recruitment team is looking forward to meeting you.