Principal Product Manager- Compliance Development Kit (CDK)

k-ID is building a safer age-aware internet for kids and teens, and they are seeking a Principal Product Manager to oversee their Compliance Development Kit (CDK). This role involves managing CDK as a standalone business, focusing on product adoption and strategic direction while ensuring compliance with evolving regulations.

Responsibilities:

• You run CDK like its own business. You're measured on outcomes, not output – adoption, conversion, expansion, and reliability, not specs written or features shipped – and you're the single point of accountability for those numbers across Legal, Engineering, Design, GTM, and Customer Success
• Grow CDK as a product line. Own its arc from configuration tool to the compliance platform others build on, and the adoption, revenue, and expansion that prove it. What you build, defer, and kill is judged against that outcome, not a feature backlog
• Land new verticals. Turn the regulation-agnostic engine into shipped revenue in new categories – AI, regulated commerce, whatever's next – by building primitives that generalize instead of one-offs per customer
• Define the primitive. Identify the core abstractions that make CDK genuinely differentiated (permission strings, jurisdictional rule engines, consent orchestration) and partner with engineering to build them
• Run the pod, not just the roadmap. You own the 'what' and the 'why,' then you own the build – the cadence, the unblocking, the in-the-weeds calls with engineering, not a deck you hand off. Pure strategists who delegate execution won't last here; neither will pure executors who don't want to own the bet
• Keep it unbreakable at scale. CDK enforces compliance for tens of millions of users; staying correct as the law shifts underneath is an outcome you own with engineering, not a problem you hand to them

Requirements:

• 8+ years of product management experience, with a track record of owning technically complex platforms, infrastructure, or developer tools
• Exceptional product and operational judgment in high-ambiguity environments
• The ability to read API documentation, engage on system architecture tradeoffs, and think in systems
• A productization instinct: you understand the difference between 'one customer wants this' and 'the market needs this.'
• Extreme speed and clarity in communication, proactively sharing status, blockers, and tradeoffs with leadership
• World-class product taste and strong opinions on what great developer and end-user platforms look like
• You hold alignment across Legal, Engineering, GTM, and customers without waiting for consensus – and you say no well
• You've shipped product against actual regulation, such as children's privacy or online safety (COPPA, GDPR-K, the UK Online Safety Act, the DSA, Australia's Online Safety Act), or an adjacent regime like KYC, payments, or restricted goods – and can say exactly what your product had to change because of it
• You've owned a rules or policy engine where the same input resolves differently by jurisdiction, age, or risk level and you know how hard it is to keep that correct as the law keeps moving
• You've built verifiable parental consent, age assurance / estimation, or age-gating flows and you've moved completion rates through a multi-step funnel, not just shipped the flow
• You've owned a developer product (APIs, SDKs, or drop-in widgets) and measured yourself on integration time and time-to-first-value, not feature count
• You've worked with config-as-code, entitlement systems, or versioned configuration (branches, diffs, test → live promotion), and you know the difference between hardcoding rules and building systems that adapt