Product Security Manager

Plano, TX - USA

Monthly Salary: Not Disclosed

Posted on: 12 hours ago

Vacancies: 1 Vacancy

Job Summary

The Product Security Manager is a strategic and hands-on leader responsible for driving product security risk reduction across the engineering organization. This role oversees a team of Product Security Engineers and partners closely with engineering leadership to ensure secure design development and delivery practices are embedded throughout the product lifecycle.

You will lead threat modelling initiatives guide risk discussions with engineering leaders and mature security controls tooling and governance to reduce vulnerabilities at scale. This role is ideal for a seasoned security or engineering professional who excels at building relationships influencing technical teams and driving security outcomes through both strategy and execution.

Key Responsibilities

Leadership & Program Ownership

Lead mentor and develop a high-performing team of Product Security Engineers.
Establish and drive a product security strategy focused on measurable risk reduction.
Set priorities manage team workload and ensure consistent execution across products.
Develop KPIs and reporting mechanisms that clearly communicate security risk posture to engineering leadership and executives.

Engineering Partnership & Communication

Serve as the primary security advisor to engineering directors product owners and architects.
Communicate technical risks in clear business-aligned terms to influence prioritization and roadmap decisions.
Build strong relationships across engineering to promote a culture of secure-by-design development.
Facilitate and lead cross-functional conversations on emerging risks architectural decisions and critical vulnerabilities.

Secure Development Lifecycle & Risk Reduction

Oversee security integration across the product lifecycle ensuring secure design development and testing practices are consistently applied.
Lead and scale threat modeling programs for new features services and architectural changes.
Drive risk assessment processes for third-party integrations AI-powered features and platform changes.
Guide teams in prioritizing vulnerabilities based on exploitability impact and business context.

Technical Execution & Tooling

Manage the Product Security tech stack (SAST SCA secret scanning DAST dependency management).
Partner with engineering to tune and mature detection rules reduce noise and ensure findings are actionable.
Oversee development of automation internal tooling and CI/CD integrations that support efficient detection triage and remediation.
Ensure the team performs high-quality manual security reviews including code analysis architecture reviews and targeted penetration testing where needed.

Governance Enablement & Culture

Drive security education secure coding training and engineering enablement initiatives.
Champion NHI Governance and other product security governance programs that increase engineering accountability and reduce long-lived exposures.
Work with cross functional stakeholders to align product security practices with organizational risk management objectives.

About the Candidate:

Proven experience in product/application security software engineering or security architecture with the ability to engage deeply in both technical and strategic discussions.
Experience leading and developing technical security teams.
Strong communicator capable of influencing engineering leaders and translating security risks into clear actionable guidance.
Hands-on understanding of secure design principles modern application architectures and common vulnerability classes (OWASP cloud security AI/LLM risks etc.).
Working knowledge of engineering workflows: Git/GitHub pull requests CI/CD pipelines.
Familiarity with SAST SCA DAST secrets scanning dependency management and related tooling.
Ability to drive alignment across multiple teams and balance long-term improvements with tactical needs.
Passionate about enabling developers to build secure products through tooling automation and education.

Skills

Mandatory Skills : Proven experience in product/application security Security Operations Center (SOC)