Posted in

Application Security Product Manager

Application Security Product Manager

CompanyBank of America
LocationWashington, DC, USA, Chicago, IL, USA, Charlotte, NC, USA, Denver, CO, USA
Salary$115800 – $215000
TypeFull-Time
Degrees
Experience LevelSenior, Expert or higher

Requirements

  • Significant experience (5+ years) in Product Management in cybersecurity across multiple domains, with a strong focus on application security testing and integrating controls as code.
  • Deep knowledge of application security testing, threat modeling, and modern application design patterns including Cloud-native and containers, and experience building and operating security tools and services.
  • Familiarity with security frameworks and standards (e.g., NIST, CIS, ISO) and their application in cloud environments.
  • Experience working in modern development teams, leveraging agile concepts and frameworks used for planning, refinement, prioritization.
  • Strong understanding of DevSecOps principles and experience integrating security into CI/CD pipelines and operational processes.
  • Excellent problem-solving skills, with the ability to think critically and adapt to new challenges and communicate insights in simple terms.
  • Strong written and verbal communication skills, with the ability influence at all levels by explain complex security concepts to non-technical stakeholders.
  • Experience working in a highly regulated industry.

Responsibilities

  • Define and communicate a clear product vision that aligns with our Cybersecurity, Line of Business and Customer Goals considering market trends and feedback.
  • Capture demand, prioritize mitigation of key risks and maintain a backlog to ensure the development team is working on the right things in the right order.
  • Demonstrate that our application development pipelines enable compliance with internal control requirements and regulatory obligations, with robust reporting and dashboards.
  • Communicate the efficiencies of building code with security in mind for a Cybersecurity vision and roadmap to stakeholders, and the team, to drive user adoption.
  • Work closely with DevOps, engineering, and IT teams to integrate security best practices into CI/CD pipelines, ensuring secure and efficient deployment processes.
  • Maintain comprehensive documentation of security controls, policies, and procedures for cloud environments.

Preferred Qualifications

  • Relevant certifications such as CISSP, CCSP, GSEC, GWEB, CEH, AWS Certified Security, Azure Developer Associate & Azure Security Engineer Associate
  • 10+ years experience in Product Management/Program Management roles