Job Title: L2 Product Owner – Application Security (AppSec)

Overview

• Part of the centralized Application Security (AppSec) organization
• Responsible for supporting strategy, vision, and roadmap execution across enterprise application security
• Works across a portfolio of security products and delivery teams aligned with enterprise objectives
• Contributes to execution across multiple AppSec delivery teams

Role Summary

• Support one of three AppSec delivery groups covering ~21 delivery teams
• Translate high-level AppSec strategy into actionable product features
• Ensure successful delivery aligned with the AppSec product operating model
• Collaborate closely with engineering teams and stakeholders to drive outcomes

Key Responsibilities

Strategy Execution

• Translate AppSec vision, strategy, and roadmap into executable deliverables
• Ensure alignment with leadership-defined priorities and organizational goals
• Support strategic initiatives across multiple delivery streams

Product Ownership

• Own and manage product features within the assigned delivery group
• Ensure deliverables adhere to product model standards and security requirements
• Act as the accountable owner for feature lifecycle management

Delivery Planning & Execution

• Define delivery timelines and execution approach
• Apply Agile/Scrum methodologies for planning and delivery
• Break down initiatives into epics, features, and user stories
• Drive initiatives from intake through execution to final delivery

Backlog & Prioritization

• Maintain and manage the product backlog
• Prioritize work based on business value, risk, and strategic alignment
• Continuously refine backlog to reflect evolving priorities

Stakeholder & Engineering Collaboration

• Collaborate closely with engineering and development teams
• Act as a bridge between business strategy and technical execution
• Communicate requirements clearly to ensure successful feature delivery

Domain Focus: Application Security

• Focus on strengthening security across enterprise applications
• Manage and support:
  • Vulnerability management processes
  • Application code scanning initiatives
  • Secure software development practices
• Identify and drive remediation of security risks in application code

Relevant Concepts & Tools

• Static Application Security Testing (SAST)
• Software Composition Analysis (SCA)
• Vulnerability scanning tools (e.g., Checkmarx, TruffleHog)
• Secure coding practices
• DevSecOps methodologies

Apply now