Envision Technology Solutions is seeking a Product Security Manager who will be a strategic and hands-on leader responsible for driving product security risk reduction across the engineering organization. This role involves overseeing a team of Product Security Engineers and collaborating closely with engineering leadership to ensure secure design, development, and delivery practices are embedded throughout the product lifecycle.
Responsibilities:
- Lead, mentor, and develop a high-performing team of Product Security Engineers
- Establish and drive a product security strategy focused on measurable risk reduction
- Set priorities, manage team workload, and ensure consistent execution across products
- Develop KPIs and reporting mechanisms that clearly communicate security risk posture to engineering leadership and executives
- Serve as the primary security advisor to engineering directors, product owners, and architects
- Communicate technical risks in clear, business-aligned terms to influence prioritization and roadmap decisions
- Build strong relationships across engineering to promote a culture of secure-by-design development
- Facilitate and lead cross-functional conversations on emerging risks, architectural decisions, and critical vulnerabilities
- Oversee security integration across the product lifecycle, ensuring secure design, development, and testing practices are consistently applied
- Lead and scale threat modeling programs for new features, services, and architectural changes
- Drive risk assessment processes for third-party integrations, AI-powered features, and platform changes
- Guide teams in prioritizing vulnerabilities based on exploitability, impact, and business context
- Manage the Product Security tech stack: SAST, SCA, secret scanning, DAST, dependency management
- Partner with engineering to tune and mature detection rules, reduce noise, and ensure findings are actionable
- Oversee development of automation, internal tooling, and CI/CD integrations that support efficient detection, triage, and remediation
- Ensure the team performs high-quality manual security reviews, including code analysis, architecture reviews, and targeted penetration testing where needed
- Drive security education, secure coding training, and engineering enablement initiatives
- Champion NHI Governance and other product security governance programs that increase engineering accountability and reduce long-lived exposures
- Work with cross-functional stakeholders to align product security practices with organizational risk management objectives
Requirements:
- 12+ years of experience in product/application security, software engineering, or security architecture
- Proven experience in product/application security, software engineering, or security architecture, with the ability to engage deeply in both technical and strategic discussions
- Experience leading and developing technical security teams
- Strong communicator capable of influencing engineering leaders and translating security risks into clear, actionable guidance
- Hands-on understanding of secure design principles, modern application architectures, and common vulnerability classes (OWASP, cloud security, AI/LLM risks, etc.)
- Working knowledge of engineering workflows (Git/GitHub, pull requests, CI/CD pipelines)
- Familiarity with SAST, SCA, DAST, secrets scanning, dependency management, and related tooling
- Ability to drive alignment across multiple teams and balance long-term improvements with tactical needs
- Passionate about enabling developers to build secure products through tooling, automation, and education