Staff Product Manager - AppSec

We are hiring a Staff Product Manager in India to drive key parts of our Application Security (AppSec) platform, with a strong focus on DevSecOps-integrated security, Application Security Testing (AST), Application Security Posture Management (ASPM), and AI- powered / agentic AppSec workflows.

 

This is a senior individual contributor role with ownership of platform-level capabilities used by global enterprise customers. You will work closely with engineering teams in India and product, security, and GTM leaders globally to define how security findings are discovered, prioritized, and remediated—both by humans and AI agents—across the SDLC.

Key Responsibilities

• Own the strategy and roadmap for AppSec capabilities, including:
  • AST (SAST, SCA, DAST, secrets detection)
  • ASPM and vulnerability correlation
  • CI/CD-native DevSecOps integrations
  • AI-powered and agentic AppSec workflows (e.g., automated triage, reasoning, and remediation)
• Define end-to-end AppSec workflows across the SDLC, from code and dependency discovery to risk prioritization and remediation.
• Partner closely with engineering teams in India to deliver scalable, secure, and high- quality platform capabilities.
• Design and evolve AI-assisted AppSec experiences, including:
  • Context-aware vulnerability prioritization
  •  AI-generated remediation guidance or PRs.
  •  Guardrails and governance for AI-driven changes
• Collaborate with global stakeholders across product, sales, customer success, and security to align roadmap with customer and market needs.
• Engage directly with enterprise customers to understand AppSec workflows, regulatory requirements, and adoption challenges.
• Drive competitive analysis across AppSec, ASPM, and AI-native security vendors to inform differentiation.
• Define and track product success metrics, including coverage, signal quality, MTTR, developer experience, and AI effectiveness.

Required Qualifications

• 6–10 years of product management experience, with ownership of enterprise security,
• DevSecOps, or developer-focused platforms.
• Strong understanding of Application Security and DevSecOps, including:
  • AST tools (SAST, SCA, DAST, secrets scanning)
  • CI/CD pipelines and developer workflows
  • ASPM or vulnerability management concepts
• Familiarity with AI-powered developer or security tools, including LLM-based workflows, automation, or agentic systems.
• Proven ability to translate complex security and technical requirements into clear, prioritized product plans.
• Strong communication and stakeholder management skills, with experience working across distributed global teams.

Preferred Qualifications

• Experience building or scaling AppSec or DevSecOps platforms used by large engineering organizations.
•  Familiarity with SBOMs, dependency graphs, vulnerability intelligence, and risk prioritization techniques.
• Exposure to AI governance, policy-as-code, or automated remediation systems.
• Background in software engineering, security engineering, or DevOps (strong plus).
• Experience with cloud-native and containerized environments.

• Own critical parts of a global AppSec platform from India.
• Work on cutting-edge AI-driven AppSec and DevSecOps workflows.
• Collaborate with senior product and engineering leaders across geographies.
• Build products that meaningfully improve how enterprises secure software at scale.