Remote Senior Product Manager, Security and Compliance Job in UK CloudBees

Who you are

• Solid understanding of how developers and security teams use popular security scanners like Checkmarx, Snyk, Wiz, Tenable, Palo Alto Prisma (Twistlock), Black Duck, synopsys and more
• Good understanding of AWS, Google, Microsoft Azure clouds
• Demonstrated expertise in cybersecurity with a thorough understanding of the latest trends, solutions, and best practices in the industry, e.g. ASPM, CCM
• Thorough understanding of compliance frameworks like NIST and Fedramp and the audit process around demonstrating compliance effectively
• Practical experience of the System Development Life Cycle, Software Development Life Cycle, and Agile framework
• Expertise in risk analysis, threat modeling, and vulnerability assessments
• Experience in coordinating with diverse cross-functional teams, including software engineers, designers, and stakeholders to drive the necessary outcomes
• Strong technical abilities and a track record of working through complex technical problems
• Strong troubleshooting and problem-solving skills
• Excellent communication skills, both written and verbal, to effectively convey complex technical concepts to non-technical stakeholders
• Demonstrated understanding of the techniques and methods of modern product discovery, design and product delivery
• 2+ years working on technology-powered products as a product manager
• Proven ability to engage with engineers, designers, and company leaders in a constructive and collaborative relationship (especially in a remote environment)
• Proven ability to convert specific customer requirements into extensible and reusable platform capability

Desirables

• Experience in ISO27001, or NIST Risk Management Framework
• Experience in security accreditation e.g. PCI-DSS, FedRAMP, NIST SSDF, NIST 800-53, ISO 27001, DORA
• Cyber security certification e.g. CISSP, CCSP

What the job involves

• Work with the Principal product manager in creating compelling Security & compliance offering integrated into the SDLC
• Leverage security and compliance skills to drive product towards vision
• Develop features to eliminate fragmented manual security assurance processes and deliver automated evidence artifacts defensible with auditors and compliance officers