Senior Product Manager – DevSecOps & Developer Experience

JSI•Ottawa, ON

35d•Hybrid

About The Position

We are seeking a senior technical leader to guide the DevSecOps and Developer Experience tooling and platform product portfolio. This role treats CI/CD, security, and delivery capabilities as first-class platform products—reusable, customer-ready building blocks that can be delivered consistently to internal teams and external developers—enabling developers to build, deploy, and operate software quickly and safely across hosting models (on-prem, cloud, and hybrid) for highly regulated and customer-managed environments. ROLE PURPOSE This role exists to make secure, compliant, and repeatable software delivery the default—delivered as a self-service platform for both internal and external developers. By embedding supply-chain security, compliance controls, and intelligent automation directly into platform capabilities (not manual processes), the role enables teams to move faster without increasing risk. It also applies an AI-native lens to developer workflows across the software lifecycle, improving productivity, quality, and consistency while reducing cognitive load.

Requirements

7+ years of experience designing, building, and supporting DevSecOps software delivery platforms and operating models, including CI/CD, GitOps, and/or developer experience capabilities
Experience delivering and supporting software in regulated or customer‑managed environments
Strong technical fluency with cloud‑native platforms, Kubernetes, and container ecosystems
Familiarity with compliance frameworks (e.g., NIST 800‑53, 800‑171, CMMC, FedRAMP), with an emphasis on engineering implementation mechanisms rather than certification ownership
Working knowledge of AI‑assisted development and delivery tools and how they can be safely applied in regulated pipelines
Senior‑level stakeholder management with the ability to influence across organizational boundaries
Ability to translate security and compliance requirements into scalable product capabilities
Strong collaboration skills across product, engineering, security, and go‑to‑market teams
Customer‑centric mindset with a focus on platform usability and outcomes

Responsibilities

Set direction, priorities, and measurable outcomes for CI/CD, GitOps, and release management platforms
Define hosting-agnostic packaging, versioning, and distribution models (on-prem, cloud, hybrid), including regulated, disconnected, and air-gapped environments
Drive a full self-service platform model (portal/catalog, templates, documentation, paved roads) that accelerates onboarding and delivery for internal and external developers
Treat internal application teams as platform customers, driving adoption, usability, and satisfaction
Productize software supply‑chain security capabilities, including SBOMs, artifact signing, scanning, and provenance
Embed compliance controls aligned to NIST, CMMC, and FedRAMP directly into delivery workflows
Enable automated evidence generation and audit‑ready artifacts as a standard platform capability
Lead developer experience across onboarding, SDKs, pipelines, and the internal developer platform (IDP), with a focus on repeatable golden paths and self-service
Define AI-native workflows (with appropriate guardrails) for code generation, testing, security analysis, documentation, and operational automation across the SDLC
Reduce cognitive load on engineering teams by standardizing and automating delivery practices
Partner closely with engineering, security, architecture, and infrastructure teams to align platform delivery
Partner with Security/GRC and customer assurance stakeholders; this role enables controls-as-code, evidence automation, and auditability, but does not serve as the certification/accreditation authority
Serve as the primary point of contact for DevSecOps tooling strategy and key vendor relationships