We are seeking a Senior Product Manager to own a core set of security insights and governance capabilities within the platform.

Security teams operate under constant pressure from compliance mandates, audits, and business leaders. Yet the hardest part of staying compliant isn’t implementing the controls, it’s knowing whether those controls are effective. Security, operations and compliance data is fragmented across tools, reporting is manual and fragile, and leaders are left questioning whether the results they see are accurate, complete, and up to date.

In this role, you will own a core set of security measurement and governance capabilities within the platform, defining how security controls are measured, how those measures are represented and governed, and how gaps are prioritized and operationalized through reporting, workflows, and remediation. Your work turns fragmented data into trusted insights that security leaders and compliance teams rely on to make decisions every day.

You will be accountable for delivering capabilities that support cybersecurity continuous controls monitoring (CCM), while laying the foundation for broader security governance and future exposure management use cases. You will work directly with customers and go-to-market teams to demonstrate value, support customer acquisition, and drive daily adoption. The capabilities you build also feed AI-driven insights and workflows, enabling intelligent insights and remediation across the product.

Core Responsibilities

• End-to-end ownership of security insights and governance capabilities within the platform including:

• Definition and representation of security measures (what is measured, how, and why)

• Continuous evaluation of security control effectiveness across domains and frameworks

• A reporting and insights building experience (metrics, widgets, reusable components) used by customers to intuitively build reports to easily understand gaps and communicate control effectiveness

• Expansion of compliance framework mappings (NIST, CIS, PCI, etc), including driving which frameworks to support and how controls map to real security measures

• Workflows that allow teams to select a control, understand how it is measured, and review supporting evidence

• Point-in-time snapshots and internal-based views to supporting executive reporting and audits with historical comparisons

• Data lineage, change detection, and dependency awareness to explain how and why control status changes over time

• Remediation workflows and automation that close the loop between measured gaps and resolution

• Defining what makes control effectiveness trustworthy for reporting and AI including:

• Data accuracy, completeness, and freshness

• Clear, explainable logic behind results

• Outputs that are defensible under scrutiny

• Defining and building the gold-standard security data sets that ensure accuracy and consistency, and reuse across:

• Reporting insights

• Workflows

• AI insights

• Ensuring measures, reporting, and workflows are AI-ready, feeding AI-driven insight generation and remediation recommendations

• Partnering with engineering in a continuous-delivery environment to ship enterprise-ready capabilities

• Working with GTM teams to ensure capabilities are clear, outcome-driven, and demo ready

• Engaging directly with customers and prospects to support deal cycles and net-new customer acquisition

• Occasional travel to customer sites and team events, typically less than 25%.

• Collaborate with global teams and adjust working hours as needed to accommodate international time zones.

What Success Looks Like in the First 6-12 Months

• Deliver a measurement-driven reporting and insights-building experience used daily by core personas

• Expand and operationalize additional security and compliance frameworks based on customer and market needs

• Launch workflows that improve control transparency, traceability, and audit readiness

• Introduce point in time snapshots that support audits and executive reporting

• Establish data lineage and change-detection capabilities that significantly increase trust in control effectiveness

• Integrate key governance and remediation workflows with our AI insights engine

• Drive measurable adoption and contribute directly to net-new customer acquisition

Desired Skills and Experience:

• 5-8+ years of product management experience in B2B SaaS

• Experience in building insight-driven, measurement-heavy, or governance-focused platforms including cybersecurity, compliance, AI, or GRC products

• Strong understanding for how metrics are defined, represented, and consumed for decision-making

• Proven ability to translate security or governance problems into clear product capabilities

• Comfort owning high-visibility product areas used by security leaders and teams

• Experience working with complex, imperfect enterprise data from hundreds of enterprise security tools

• Willingness and ability to engage directly with customer acquisition and expansion efforts

Skills:

• Product experience in building security, CCM, GRC, or exposure-management platforms

• Compliance framework modeling and control mapping

• Reporting and insight-building design

• Risk-based prioritization and gap management

• AI product fluency, designing data outputs that AI can reason over

• ITSM-driven remediation workflows and automation design

• Delivering security and governance insights backed by trusted data with attributes such as accuracy, completeness, lineage

• Developing clear product requirements, trade-off decision making, and execution

• Cross-functional leadership and outstanding communication

• Customer-facing product storytelling and sales support

Employees at all levels are expected to:

• Understand our Operating Principles; make them the guidelines for how you do your job.