Codebase Inc · 7 hours ago
Security Product Manager
Codebase Inc is seeking a Product Security Manager to drive product security risk reduction across the engineering organization. This strategic role involves overseeing a team of Product Security Engineers and partnering with engineering leadership to ensure secure design, development, and delivery practices throughout the product lifecycle.
Responsibilities
Lead, mentor, and develop a high-performing team of Product Security Engineers
Establish and drive a product security strategy focused on measurable risk reduction
Set priorities, manage team workload, and ensure consistent execution across products
Develop KPIs and reporting mechanisms that clearly communicate security risk posture to engineering leadership and executives
Serve as the primary security advisor to engineering directors, product owners, and architects
Communicate technical risks in clear, business-aligned terms to influence prioritization and roadmap decisions
Build strong relationships across engineering to promote a culture of secure-by-design development
Facilitate and lead cross-functional conversations on emerging risks, architectural decisions, and critical vulnerabilities
Oversee security integration across the product lifecycle, ensuring secure design, development, and testing practices are consistently applied
Lead and scale threat modeling programs for new features, services, and architectural changes
Drive risk assessment processes for third-party integrations, AI-powered features, and platform changes
Guide teams in prioritizing vulnerabilities based on exploitability, impact, and business context
Manage the Product Security tech stack (SAST, SCA, secret scanning, DAST, dependency management)
Partner with engineering to tune and mature detection rules, reduce noise, and ensure findings are actionable
Oversee development of automation, internal tooling, and CI/CD integrations that support efficient detection, triage, and remediation
Ensure the team performs high-quality manual security reviews, including code analysis, architecture reviews, and targeted penetration testing where needed
Drive security education, secure coding training, and engineering enablement initiatives
Champion NHI Governance and other product security governance programs that increase engineering accountability and reduce long-lived exposures
Work with cross‑functional stakeholders to align product security practices with organizational risk management objectives
Qualifications
Required
8–10 years of experience in product/application security, software engineering, or security architecture
Proven experience leading and developing technical security teams
Strong communicator capable of influencing engineering leaders and translating security risks into clear, actionable guidance
Hands-on understanding of secure design principles, modern application architectures, and common vulnerability classes (OWASP, cloud security, AI/LLM risks, etc.)
Working knowledge of engineering workflows: Git/GitHub, pull requests, CI/CD pipelines
Familiarity with SAST, SCA, DAST, secrets scanning, dependency management, and related tooling
Ability to drive alignment across multiple teams and balance long-term improvements with tactical needs
Passionate about enabling developers to build secure products through tooling, automation, and education
Company
Codebase Inc
Codebase Inc. is a strategic IT solutions service provider based in New Jersey, USA.
Funding
Current Stage
Growth Stage