Staff Product Manager - Security and Privacy

ABOUT THIS ROLE

As a Staff Product Manager, you will serve as the strategic architect and domain expert for our security, compliance, and trust infrastructure. You will own the vision and execution for product security, infrastructure security, edge security, data protection, responsible AI governance, and compliance. Ensuring our platform is secure by default, compliant by design, and trusted by the world's most regulated organizations.

This is a high-impact individual contributor role with broad horizontal influence across engineering, legal, data science, InfoSec, and go-to-market teams. You will shape how we protect customer data, build for government and regulated markets, and establish industry-leading security practices that enable enterprise growth.

RESPONSIBILITIES

• Strategic Vision & Roadmap Own the multi-year vision and execution roadmap for everything around product security, compliance, privacy, data governance and responsible AI. Anticipate emerging regulatory requirements and security paradigms, positioning LVT ahead of market demands in regulated environments.

• Security Architecture: Partner with engineering and InfoSec teams to design and implement enterprise grade security-first architectures across multi-cloud environments and hybrid edge deployments. Drive adoption of Zero Trust models, MFA, robust Identity and Access Management (IAM), audit logging, secure software development & delivery etc. across distributed infrastructure.

• Data Protection & Lifecycle Management: Design comprehensive data protection strategies including data classification schemes, retention and deletion policies, encryption key management, and secure data workflows across cloud and edge environments.

• Responsible AI Governance: Maintain and improve frameworks for secure, ethical, and compliant AI system deployment. Scale and automate AI model security, adversarial robustness, fairness testing, bias detection and mitigation, explainability, and auditability. Create guardrails ensuring transparency, accountability, and alignment with emerging AI regulations. Partner with data science and AI teams to embed responsible AI practices throughout the ML lifecycle.

• Continuous Compliance & Certification Management: Collaborate with GRC, legal, and audit teams to maintain and continuously improve LVT’s security and compliance posture. Manage certification roadmaps and ensure readiness for regulatory audits. Translate complex legal and regulatory requirements into actionable product and engineering initiatives.

• Cross-Functional Leadership & Influence: Serve as the central orchestrator between Engineering, InfoSec, Legal, Data Science, Sales, and Customer Success. Unblock enterprise and government deals by providing security assurance, documentation, and roadmap commitments. Mentor other PMs on security and privacy best practices. Build organizational muscle around proactive and resilient security culture.

REQUIRED EXPERIENCE

Technical Proficiency

• Cloud & Product Security: Deep understanding of secure software development practices, vulnerability management, multi-cloud security architectures (AWS, Azure, GCP), container security (Kubernetes, Docker), Infrastructure-as-Code (IaC) security, and DevSecOps practices

• Zero Trust & Identity: Expertise in Zero Trust networking, microsegmentation, identity-based perimeter, and distributed authentication

• Edge & Distributed Systems: Knowledge of edge computing security models, secure IoT architectures, certificate management, and distributed trust frameworks

• AI/ML Security: Understanding of AI system security including model protection, data poisoning prevention, adversarial robustness, inference security, and ML pipeline security

• Encryption & Cryptography: Working knowledge of encryption primitives, key management systems (KMS, HSM), homomorphic encryption, and secure multi-party computation

• Network & API Security: Familiarity with API security patterns, service mesh architectures, mutual TLS, rate limiting, and DDoS mitigation

• Clearance Eligibility: Ability to obtain and maintain a U.S. Government security clearance (U.S. citizenship required)

Domain Expertise

• Security Frameworks: Deep familiarity with NIST 800-53, NIST Cybersecurity Framework, ISO 27001/27002, CIS Controls, and OWASP

• Global Compliance & Privacy Frameworks: Expert knowledge of SOC2, ISO 9001, GDPR, CCPA/CPRA, FCC, UL Certification etc.

• Government Compliance: Understanding of NDAA, CMMC, ITAR, FedRAMP, StateRAMP, FISMA, and DoD Impact Level requirements

• AI Governance: Understanding of NIST AI Risk Management Framework, EU AI Act, algorithmic accountability frameworks, and responsible AI principles

Experience You'll Bring

• 12+ years in product management, technical program management, or technical leadership roles

• At least 8 years focused on security, compliance, data protection, privacy, or enterprise/developer-facing SaaS

• Provenance of Impact: Demonstrated track record of:

• Shipping enterprise-grade security and privacy features that reduce customer friction while maintaining strong controls

• Leading security certification efforts (SOC 2, ISO 27001, FedRAMP) from requirements through audit

• Enabling entry into regulated markets through product and compliance initiatives

• Building security roadmaps that balance innovation with risk management

• Regulated Industry Experience: Preferred experience serving customers in highly regulated industries such as government, healthcare, financial services etc.

• Education: B.S. in Computer Science, Engineering, Information Security, or related technical field; MBA, M.S., or relevant security certifications (CISSP, CISM, CIPP, CRISC) preferred