Product Security Manager - Security Testing & Assurance
About The Position
HP Cybersecurity is seeking a Product Security Manager to lead Security Testing Services (STS) across HP products, platforms, and services. This role is primarily responsible for driving execution, quality, and scale of security testing engagements, ensuring vulnerabilities are identified, assessed, and remediated prior to release. In parallel, the role ensures that cross-functional processes—including Security Review Services (SRS) and software integrity controls (e.g., signing and verification)—operate efficiently and consistently to support secure product delivery. You will act as a central leader ensuring STS execution is tightly integrated with SRS and release readiness controls, enabling a streamlined and risk-based product security lifecycle.
Requirements
- Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field
- Combined 8+ years of experience in cybersecurity and software development including: Application or product security, Application or product performance or validation analysis, Hands-on security testing or vulnerability management, Code signing and verification methodologies
- 3+ years of leadership or program management experience
- Strong expertise in: Security testing methodologies, Application or product testing or analysis, Security architecture analysis, Vulnerability lifecycle management
- Working knowledge of: Software integrity concepts (e.g., verification, signing, supply chain controls)
- Experience with security testing tools (e.g., Burp Suite, code analysis platforms)
Nice To Haves
- Experience securing web applications, APIs, cloud-native systems, or platform software
- Relevant certifications (CISSP, OSCP, or equivalent)
Responsibilities
- Lead and manage end-to-end execution of Security Testing Services (STS) across applications, APIs, and product platforms
- Oversee and ensure quality of testing activities including: Manual penetration testing, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST)
- Ensure testing coverage is aligned to risk, architecture, and threat exposure
- Drive consistency in testing methodologies, reporting, and validation
- Manage STS pipeline to ensure timely execution and delivery of security testing outcomes
- Ensure alignment between SRS and STS
- Maintain alignment between SRS intake, STS execution, and remediation tracking
- Ensure alignment among STS, SRS, and code signing policies
- Ensure vulnerabilities identified through STS are: Accurately prioritized based on risk, Clearly documented and communicated to stakeholders
- Drive enforcement of remediation timelines per HP policy
- Ensure Critical and High vulnerabilities are addressed prior to production release
- Escalate risks or delays through appropriate channels
- Act as a subject matter expert on technologies and processes: STS, SRS, Code signing
- Leads teams performing manual and automated security testing across diverse HP products and platforms
- Ensures testing results directly translate into risk reduction and secure release decisions
- Drives operational excellence across the product security testing lifecycle
Benefits
- Health insurance
- Dental insurance
- Vision insurance
- Long term/short term disability insurance
- Employee assistance program
- Flexible spending account
- Life insurance
- Generous time off policies, including; 4-12 weeks fully paid parental leave based on tenure
- 11 paid holidays
- Additional flexible paid vacation and sick leave
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
