Director/Sr Director, Product Management, Risk-Based Vulnerability Mgmt (RBVM)

Qualys•Foster City, CA

2d•$210,000 - $240,000

About The Position

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Director/Sr Director of Product Management – RBVM, CTEM, ASM – Risk Operation Center (ROC) Location: Foster City, CA, USA Organization: Product GTM & SME Reports To: SVP of Product Management Role Overview Qualys is seeking a Director / Sr. Director of Product Management to lead its flagship Risk-Based Vulnerability Management (RBVM) product powered by Qualys VMDR and drive the evolution toward Continuous Threat Exposure Management (CTEM) via Qualys ETM. This leader will own the end-to-end product strategy, execution, and business performance of VMDR, serving 8,000+ global customers, while driving the transition from vulnerability management → risk-based prioritization → autonomous remediation → CTEM platform adoption . You will lead a team of 5+ product managers, partner with engineering, GTM, and field teams, and directly influence revenue growth, customer retention, and platform expansion. What You Will Be Doing Product Ownership: VMDR (RBVM) This role sits at the intersection of VMDR (execution) → ETM (risk platform), part of ROC (Risk Operation Center) What Makes This Role Unique Own Qualys’ flagship product (VMDR) used by thousands of enterprises Drive transition from VM → CTEM platform leadership Build Agentic AI–powered security workflows Direct impact on revenue, growth, and company strategy Lead the next evolution of cybersecurity: autonomous risk reduction Strategic Mandate (What You’ll Really Be Doing) This role is fundamentally about: Turning VMDR into the front door of Qualys platform growth Using AI + workflows to drive customer expansion into ETM Building the industry’s first autonomous RemOps + CTEM platform

Requirements

Experience working with platforms like Qualys and competitive vendor landscape focusing on RBVM, CTEM, AppSec, ASPM, CNAPP etc.
10–15+ years in Product Management (cybersecurity preferred)
Deep expertise in: Vulnerability Management Risk-Based VM (RBVM) Exposure Management / CTEM
Proven experience owning large-scale enterprise products
Strong understanding of: cloud, endpoint, identity, and application security
Experience working with: CISOs, CIOs, and security teams

Nice To Haves

Experience building AI/ML-driven security products
Knowledge of: attack surface management remediation workflows ITSM / DevOps integrations
Track record of: scaling products from platform → ecosystem driving upsell / cross-sell motions

Responsibilities

Product Leadership - Own VMDR as a Business (P&L Mindset)
Own product strategy, roadmap, and execution for VMDR
Lead and mentor a team of 5+ Product Managers
Drive innovation across: vulnerability prioritization (RBVM) remediation workflows asset-risk correlation
Deliver features that reduce MTTR and improve risk reduction outcomes
Business Ownership (Revenue + Growth)
Own end-to-end business metrics: ARR / revenue growth for VMDR product line Customer renewals and retention Cross-sell and upsell into: ETM CSAM Patch / Remediation solutions
Partner with GTM teams to: Drive pipeline generation Enable Sales with product positioning Define pricing and packaging strategy
Customer-Centric Innovation (Short–Mid Term)
Drive customer deal-breaker capabilities including: Scalable remediation workflows and automation Better prioritization beyond CVSS (business context, exploitability) Improved reporting, dashboards, and executive insights Seamless ITSM / DevOps integrations Cross-asset visibility (cloud, endpoint, identity)
Translate customer friction → product wins → revenue growth
Lead RBVM → CTEM Evolution
Define roadmap to evolve VMDR into: Risk-based vulnerability management (RBVM) Exposure management platform CTEM-aligned workflows
Build tight integration with: CSAM (asset context) ETM (risk aggregation and prioritization)
Drive VMDR “Deal Breaker” Requirements (0–18 months)
Identify and deliver top customer gaps blocking large deals, such as: Faster prioritization accuracy (TruRisk improvements) Better remediation workflows (ownership, SLA tracking) Reporting and executive dashboards Scalable performance for large enterprises
Partner with field (SEs, TAMs) to capture: Competitive losses Renewal risks Enterprise feature gaps
Design Agentic AI Workflows (Next-Gen Differentiation)
Lead innovation in Agentic AI-driven vulnerability remediation, including: Intelligent prioritization agents (what to fix first) Remediation planning agents (patch vs mitigate vs isolate) Workflow orchestration agents (who should fix it) Autonomous nudges and recommendations