Envision Technology Solutions is seeking a Senior Product Security Manager who will be responsible for reducing product security risk across engineering by embedding secure-by-design practices and leading a team of Product Security Engineers. This role involves close collaboration with engineering leadership to drive threat modelling, secure SDLC, and DevSecOps at scale.
Responsibilities:
- Lead, mentor, and develop a high‑performing Product Security Engineering team
- Define and drive a product security strategy focused on measurable risk reduction
- Set priorities, manage team workload, and ensure consistent execution across products and platforms
- Develop KPIs and reporting that communicate security posture and vulnerability trends to engineering leaders and executives
- Serve as primary security advisor to engineering directors, product owners, and architects
- Translate technical risks into clear, business‑aligned language to influence roadmaps and prioritization
- Build strong relationships across engineering to promote a secure‑by‑design culture
- Facilitate cross‑functional discussions on emerging risks, architecture decisions, and critical vulnerabilities
- Oversee integration of security across the product lifecycle: design, development, testing, deployment, and operations
- Lead and scale threat modelling programs for new features, services, AI/LLM capabilities, and architectural changes
- Drive risk assessment processes for third‑party integrations, cloud services, AI/LLM features, and platform changes
- Guide teams in prioritizing vulnerabilities based on exploitability, impact, and business context
- Own the product security tooling stack: SAST, SCA, DAST, secrets scanning, dependency management, container security, etc.
- Partner with engineering to tune detection rules, reduce false positives, and ensure findings are actionable
- Oversee development of automation and CI/CD integrations that enable efficient detection, triage, and remediation (“shift‑left” security)
- Ensure the team performs manual security reviews: code analysis, architecture reviews, and targeted application/API penetration testing as needed
- Drive security education, secure coding training, and enablement programs for developers and engineering teams
- Champion product security governance (e.g., NHI or similar frameworks) to increase engineering accountability and reduce long‑lived exposures
- Align product security practices with organizational risk management objectives and compliance requirements
Requirements:
- 12+ years of experience
- DAST
- SAST
- Application Security
- API Security Testing
- Application Security Frameworks
- Threat Modelling
- Secure SDLC
- DevSecOps
- Application Security Architecture
- Proven experience in product/application security, software engineering, or security architecture, with ability to engage deeply in technical and strategic discussions
- Experience leading and developing technical security teams
- Strong communication skills to influence engineering leadership and translate risks into actionable guidance
- Hands-on understanding of secure design principles, modern application architectures, and vulnerability classes (OWASP, cloud, API, AI/LLM risks)
- Working knowledge of engineering workflows: Git/GitHub, pull requests, CI/CD pipelines
- Familiarity with SAST, SCA, DAST, secrets scanning, dependency and container security tooling
- Ability to drive alignment across multiple teams and balance long-term strategic improvements with tactical fixes
- Passionate about enabling developers to build secure products through tooling, automation, and education