We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
HID Global Corporation jobs

Senior Product Vulnerability Manager

HID Global Corporation
United States, Texas, Austin
611 Center Ridge Drive (Show on map)
May 05, 2026

An Amazing Career Opportunity foraSenior Product Vulnerability Manager!!

Location: Remote (US & Europe)

Job ID: 47562

As part of the Product Security and Privacy team, you will own and operate the corporate-wide Product Vulnerability Management program.

You will establish the organization's technical and operational capabilities to detect, triage, prioritize, and respond to product vulnerabilities across a diverse portfolio of products and technologies.

Accountable for the consistency, scalability, and defensibility of vulnerability management practices, you will ensure processes, tooling, and outputs are standardized, audit-ready, and aligned with regulatory expectations, including the EU Cyber Resilience Act (CRA).

You will operate at a strategic level, enabling product teams to execute vulnerability management activities effectively through defined standards, tooling, and governance, rather than performing hands-on remediation or investigation.

Who are we?

HID powers the trusted identities of the world's people, places, and things, allowing people to transact safely, work productively and travel freely.

We are a high-tech software company headquartered in Austin, TX, with over 4,500 worldwide employees.Check us out here:www.hidglobal.comandhttps://youtu.be/23km5H4K9Eo

As ourSenior Product Vulnerability Manager, you'll support HID's successby:



  • Defining and maintaining the enterprise Product Vulnerability Management framework, including processes for intake, triage, prioritization, remediation tracking, and disclosure.
  • Establishing standardized vulnerability triage and risk prioritization methodologies that work across the organization
  • Defining and implementing the corporate-wide vulnerability management policies and standards ensuring our Product Security Incident Response processes are appropriate with the organization's expectations and regulatory requirements.
  • Owning the Coordinated Vulnerability Disclosure (CVD) program, including external intake channels, researcher engagement, and coordination.
  • Translating regulatory requirements (e.g., EU Cyber Resilience Act) into operational processes, controls, and reporting obligations.
  • Defining and managing the enterprise tooling strategy for vulnerability detection (e.g., SAST, DAST, SCA, container scanning), including selection, configuration, and integration into CI/CD pipelines.
  • Establishing minimum tooling and coverage baselines across product types and ensure consistent adoption.
  • Defining and operationalize SBOM-driven vulnerability management practices, including monitoring and response to third-party component vulnerabilities.
  • Developing scalable playbooks, guidance, and decision frameworks enabling product teams to independently triage and respond to vulnerabilities.
  • Defining training requirements and developing enablement materials for product teams on vulnerability identification, triage, and response processes.
  • Establishing metrics, reporting, and dashboards to measure vulnerability management effectiveness, including SLA adherence, backlog, and remediation timelines.
  • Providing executive-level reporting and insights on product vulnerability risk posture.
  • Defining governance processes, including exception handling, risk acceptance, and escalation pathways.
  • Leading audit and assessment readiness related to vulnerability management processes and outputs.
  • Building and leading a small team responsible for program operations, tooling, and disclosure coordination.
  • Partnering with Product Security Architects, Engineering, Legal, and Compliance teams to ensure alignment and effective execution across the organization.
  • Acting as the central authority for product vulnerability management practices across the organization.
  • Enabling a federated operating model where product teams own remediation while adhering to centralized standards and processes.
  • Driving consistency in vulnerability handling across a large and diverse product portfolio.
  • Ensuring vulnerability management practices scale effectively across hundreds of products and multiple technology domains.
  • Providing strategic direction for continuous improvement of vulnerability management capabilities, tooling, and processes.
  • Supporting regulatory audits and customer inquiries related to vulnerability management and disclosure practices.



Your Experience and Background include:



  • Experience designing, building, or scaling a vulnerability management or PSIRT program within a product security or application security context.
  • Strong understanding of the vulnerability lifecycle, including detection, triage, prioritization, remediation tracking, and disclosure.
  • Working knowledge of application security principles and common vulnerability classes (e.g., OWASP Top 10).
  • Experience with vulnerability detection tooling (SAST, DAST, SCA, container scanning) and integration into development pipelines.
  • Experience defining or applying vulnerability scoring methodologies (e.g., CVSS) in a product context.
  • Familiarity with Coordinated Vulnerability Disclosure (CVD) processes and external researcher engagement.
  • Familiarity with regulatory requirements related to product security and vulnerability management, such as the EU Cyber Resilience Act (CRA).
  • Experience working within or supporting Secure Software Development Lifecycle (SSDL/SSDLC) programs.
  • Strong ability to define processes, standards, and governance models that scale across large organizations.
  • Excellent communication skills with the ability to translate technical risk into business impact.
  • Experience operating in large-scale, multi-product environments with distributed engineering teams is preferred.
  • Experience establishing or managing SBOM and software supply chain vulnerability programs is preferred.
  • Experience with vulnerability disclosure programs or bug bounty platforms is preferred.
  • Experience working in regulated industries or environments with strong compliance requirements is preferred.
  • Experience with Agile/SAFe methodologies is preferred.
  • Experience leading or mentoring small, high-impact teams is preferred.



What we can offer you:



  • Competitive salary and rewards package


  • Competitive benefits and annual leave offering, allowing for work-life balance


  • A vibrant, welcoming & inclusive culture
  • Extensive career development opportunities and resources to maximize your potential
  • To be a part of a global organization that is pioneering the hardware, software and services that allow people to confidently navigate the physical and digital worlds



Why apply?



  • Empowerment: You'll work as part of a global team in a flexible workenvironment, learning and enhancing your expertise. We welcome an opportunity to meet you and learn about your unique talents, skills, and experiences. You don't need to check all the boxes.If you have most of the skills and experience, we want you to apply.
  • Innovation: You embrace challenges and want to drive change. We are open to ideas, including flexible work arrangements, job sharing or part-time job seekers.
  • Integrity: You are results-orientated, reliable, and straightforward and value being treated accordingly. We want all our employees to be themselves, to feel appreciated and accepted.



The wage range for this role considers a broad scope of factors that are considered when making compensation decisions, including but not limited to: skill sets, experience and training, licensure and certifications, and other business and organizational needs. The disclosed range does not account for geographic differentials based on the location where the position may be filled. At HID, it is uncommon for individuals to be hired at or near the top of the range. Final compensation decisions depend on the specific facts and circumstances of each case.

The base salary in the United States is $170,000 USD to $200,000 USD.

This opportunity may be open to flexible working arrangements.

HID does not accept unsolicited resumes from headhunters, recruitment agencies, or fee-based recruitment services. We are not responsible for any fees related to unsolicited resumes.

HID is committed to building a diverse, equitable, and inclusive workforce that reflects the global communities we serve. As an equal opportunity employer, we welcome applications from individuals of all backgrounds, experiences, and perspectives. We evaluate applicants without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, disability, age, veteran status, or any other legally protected characteristic. Our goal is to create a workplace that empowers everyone to thrive and be their authentic selves, fostering an environment of mutual respect and inclusivity. If you have a disability and require assistance or accommodation to participate in the application process or to perform essential job functions, please contact accommodations-ext@hidglobal.com.

Please be aware that our recruitment process may include the use of AI-powered tools to assist in screening applicant resumes. These tools help us efficiently identify candidates whose qualifications and skills align with the job description. We use AI in a responsible manner and in accordance with applicable data privacy laws and regulations. Importantly, all applicants are reviewed by our Talent Acquisition team. AI is used to support, not replace, human judgment in the evaluation process.

We make it easier for people to get where they want to go!
On an average day, think of how many times you tap, twist, tag, push or swipe to get access, find information, connect with others or track something. HID technology is behind billions of interactions, in more than 100 countries. We help you create a verified, trusted identity that can get you where you need to go - without having to think about it.

When you join our HID team, you'll also be part of the ASSA ABLOY Group, the global leader in access solutions. You'll have 63,000 colleagues in more than 70 different countries. We empower our people to build their career around their aspirations and our ambitions - supporting them with regular feedback, training, and development opportunities. Our colleagues think broadly about where they can make the most impact, and we encourage them to grow their role locally, regionally, or even internationally. As we welcome new people on board, it's important to us to have diverse, inclusive teams, and we value different perspectives and experiences.

#LI-HIDGlobal
Applied = 0
MORE JOBS LIKE THIS

(web-bd9584865-94bfb)