Product Security Manager

Job Title: Product Security Manager
Job Location: Remote
Job Type: Contract

Job description:

Leadership & Program Ownership

• Lead, mentor, and develop a high-performing team of Product Security Engineers.
• Establish and drive a product security strategy focused on measurable risk reduction.
• Set priorities, manage team workload, and ensure consistent execution across products.
• Develop KPIs and reporting mechanisms that clearly communicate security risk posture to engineering leadership and executives.

Engineering Partnership & Communication

• Serve as the primary security advisor to engineering directors, product owners, and architects.
• Communicate technical risks in clear, business-aligned terms to influence prioritization and roadmap decisions.
• Build strong relationships across engineering to promote a culture of secure-by-design development.
• Facilitate and lead cross-functional conversations on emerging risks, architectural decisions, and critical vulnerabilities.

Secure Development Lifecycle & Risk Reduction

• Oversee security integration across the product lifecycle, ensuring secure design, development, and testing practices are consistently applied.
• Lead and scale threat modeling programs for new features, services, and architectural changes.
• Drive risk assessment processes for third-party integrations, AI-powered features, and platform changes.
• Guide teams in prioritizing vulnerabilities based on exploitability, impact, and business context.

Technical Execution & Tooling

• Manage the Product Security tech stack (SAST, SCA, secret scanning, DAST, dependency management).
• Partner with engineering to tune and mature detection rules, reduce noise, and ensure findings are actionable.
• Oversee development of automation, internal tooling, and CI/CD integrations that support efficient detection, triage, and remediation.
• Ensure the team performs high-quality manual security reviews, including code analysis, architecture reviews, and targeted penetration testing where needed.

Governance, Enablement & Culture

• Drive security education, secure coding training, and engineering enablement initiatives.
• Champion NHI Governance and other product security governance programs that increase engineering accountability and reduce long-lived exposures.
• Work with cross functional stakeholders to align product security practices with organizational risk management objectives.

About the Candidate:

• Proven experience in product/application security, software engineering, or security architecture, with the ability to engage deeply in both technical and strategic discussions.
• Experience leading and developing technical security teams.
• Strong communicator capable of influencing engineering leaders and translating security risks into clear, actionable guidance.
• Hands-on understanding of secure design principles, modern application architectures, and common vulnerability classes (OWASP, cloud security, AI/LLM risks, etc.).
• Working knowledge of engineering workflows: Git/GitHub, pull requests, CI/CD pipelines.
• Familiarity with SAST, SCA, DAST, secrets scanning, dependency management, and related tooling.
• Ability to drive alignment across multiple teams and balance long-term improvements with tactical needs.
• Passionate about enabling developers to build secure products through tooling, automation, and education.

Skills

Mandatory Skills : Proven experience in product/application security, Security Operations Center (SOC)