Director/Sr Director, Product Management, Risk-Based Vulnerability Mgmt (RBVM)
About the role
Qualys is seeking a Director / Sr. Director of Product Management to lead its flagship Risk-Based Vulnerability Management (RBVM) product powered by Qualys VMDR and drive the evolution toward Continuous Threat Exposure Management (CTEM) via Qualys ETM. This leader will own the end-to-end product strategy, execution, and business performance of VMDR, serving 8,000+ global customers, while driving the transition from vulnerability management → risk-based prioritization → autonomous remediation → CTEM platform adoption.
Role Overview
You will lead a team of 5+ product managers, partner with engineering, GTM, and field teams, and directly influence revenue growth, customer retention, and platform expansion.
Key Responsibilities
Product Leadership - Own VMDR as a Business (P&L Mindset)
Own product strategy, roadmap, and execution for VMDR
Lead and mentor a team of 5+ Product Managers
Drive innovation across:
- vulnerability prioritization (RBVM)
- remediation workflows
- asset-risk correlation
Deliver features that reduce MTTR and improve risk reduction outcomes
Business Ownership (Revenue + Growth)
Own end-to-end business metrics: ARR / revenue growth for VMDR product line
Customer renewals and retention
Cross-sell and upsell into:
- ETM
- CSAM
- Patch / Remediation solutions
Partner with GTM teams to:
- Drive pipeline generation
- Enable Sales with product positioning
- Define pricing and packaging strategy
Customer-Centric Innovation (Short–Mid Term)
Drive customer deal-breaker capabilities including:
- Scalable remediation workflows and automation
- Better prioritization beyond CVSS (business context, exploitability)
- Improved reporting, dashboards, and executive insights
- Seamless ITSM / DevOps integrations
- Tight integration with:
- CSAM (asset context)
- ETM (risk aggregation and prioritization)
Translate customer friction → product wins → revenue growth
Lead RBVM → CTEM Evolution
Define roadmap to evolve VMDR into:
- Risk-based vulnerability management (RBVM)
- Exposure management platform
- CTEM-aligned workflows
Drive VMDR “Deal Breaker” Requirements (0–18 Months)
Identify and deliver top customer gaps blocking large deals, such as:
- Faster prioritization accuracy (TruRisk improvements)
- Better remediation workflows (ownership, SLA tracking)
- Reporting and executive dashboards
- Scalable performance for large enterprises
Design Agentic AI Workflows (Next-Gen Differentiation)
Lead innovation in Agentic AI-driven vulnerability remediation, including:
- Intelligent prioritization agents (what to fix first)
- Remediation planning agents (patch vs mitigate vs isolate)
- Workflow orchestration agents (who should fix it)
- Autonomous nudges and recommendations
Success Metrics
- VMDR revenue growth and market share
- ETM attach rate (VMDR → ETM conversion)
- Customer retention and renewal rates
- MTTR reduction across customer base
- Adoption of new AI-driven features
- Pipeline contribution and deal acceleration
Experience Required
- Experience working with platforms like Qualys and competitive vendor landscape focusing on RBVM, CTEM, AppSec, ASPM, CNAPP etc.
- 10–15+ years in Product Management (cybersecurity preferred)
- Deep expertise in:
- Vulnerability Management
- Risk-Based VM (RBVM)
- Exposure Management / CTEM
- Proven experience owning large-scale enterprise products
- Strong understanding of:
- cloud, endpoint, identity, and application security
- Experience working with:
- CISOs, CIOs, and security teams
Preferred Experience
- Knowledge of:
- attack surface management
- remediation workflows
- ITSM / DevOps integrations
- Track record of:
- scaling products from platform → ecosystem
- driving upsell / cross-sell motions
Product Context
Qualys VMDR Unified platform to discover, assess, prioritize, and remediate vulnerabilities across hybrid environments
AI-driven prioritization and integrated patch workflows
Core revenue engine and entry point for Qualys customers
Qualys CSAM Continuous asset discovery across IT, cloud, containers, identities
Provides business context and asset criticality for risk prioritization
Qualys ETM Aggregates risk signals across Qualys and third-party tools
Delivers unified risk scoring, prioritization, and remediation orchestration
Salary Range
The salary range for this position is $210,000 - $240,000 per year. Final compensation will be determined based on several factors, including but not limited to skills, relevant experience, and work location. Please note this range reflects base salary and does not include incentive compensation or potential equity grants.
Benefits
We also offer a comprehensive and highly competitive benefits package.
EEO Policy
Qualys is an Equal Opportunity Employer, please see our EEO policy.