Director/Sr Director, Product Management, Risk-Based Vulnerability Mgmt (RBVM)

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Job Description: Director/Sr Director of Product Management - RBVM, ASM, CTEM - Risk Operation Center (ROC)

Date posted: April 2026

About the job

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Director/Sr Director of Product Management - RBVM, CTEM, ASM - Risk Operation Center (ROC)

Location: Foster City, CA, USA

Organization: Product GTM & SME

Reports To: SVP of Product Management

Role Overview

Qualys is seeking a Director / Sr. Director of Product Management to lead its flagship Risk-Based Vulnerability Management (RBVM) product powered by Qualys VMDR and drive the evolution toward Continuous Threat Exposure Management (CTEM) via Qualys ETM.

This leader will own the end-to-end product strategy, execution, and business performance of VMDR, serving 8,000+ global customers, while driving the transition from vulnerability management risk-based prioritization autonomous remediation CTEM platform adoption.

You will lead a team of 5+ product managers, partner with engineering, GTM, and field teams, and directly influence revenue growth, customer retention, and platform expansion.

What You Will Be Doing

Product Ownership: VMDR (RBVM)

This role sits at the intersection of VMDR (execution) ETM (risk platform), part of ROC (Risk Operation Center)

What Makes This Role Unique

• Own Qualys' flagship product (VMDR) used by thousands of enterprises
• Drive transition from VM CTEM platform leadership
• Build Agentic AI-powered security workflows
• Direct impact on revenue, growth, and company strategy
• Lead the next evolution of cybersecurity: autonomous risk reduction

Strategic Mandate (What You'll Really Be Doing)

This role is fundamentally about:

• Turning VMDR into the front door of Qualys platform growth
• Using AI + workflows to drive customer expansion into ETM
• Building the industry's first autonomous RemOps + CTEM platform

Key Responsibilities

Product Leadership - Own VMDR as a Business (P&L Mindset)

• Own product strategy, roadmap, and execution for VMDR
• Lead and mentor a team of 5+ Product Managers
• Drive innovation across:
• vulnerability prioritization (RBVM)
• remediation workflows
• asset-risk correlation
• Deliver features that reduce MTTR and improve risk reduction outcomes

Business Ownership (Revenue + Growth)

Own end-to-end business metrics:

• ARR / revenue growth for VMDR product line

• Customer renewals and retention

• Cross-sell and upsell into:

• ETM

• CSAM

• Patch / Remediation solutions

• Partner with GTM teams to:

• Drive pipeline generation

• Enable Sales with product positioning

• Define pricing and packaging strategy

Customer-Centric Innovation (Short-Mid Term)

Drive customer deal-breaker capabilities including:

• Scalable remediation workflows and automation
• Better prioritization beyond CVSS (business context, exploitability)
• Improved reporting, dashboards, and executive insights
• Seamless ITSM / DevOps integrations
• Cross-asset visibility (cloud, endpoint, identity)

Translate customer friction product wins revenue growth

Lead RBVM CTEM Evolution

• Define roadmap to evolve VMDR into:

• Risk-based vulnerability management (RBVM)

• Exposure management platform

• CTEM-aligned workflows

• Build tight integration with:

• CSAM (asset context)

• ETM (risk aggregation and prioritization)

Drive VMDR "Deal Breaker" Requirements (0-18 months)

• Identify and deliver top customer gaps blocking large deals, such as:

• Faster prioritization accuracy (TruRisk improvements)

• Better remediation workflows (ownership, SLA tracking)

• Reporting and executive dashboards

• Scalable performance for large enterprises

• Partner with field (SEs, TAMs) to capture:

• Competitive losses

• Renewal risks

• Enterprise feature gaps

Design Agentic AI Workflows (Next-Gen Differentiation)

• Lead innovation in Agentic AI-driven vulnerability remediation, including:
• Intelligent prioritization agents (what to fix first)
• Remediation planning agents (patch vs mitigate vs isolate)
• Workflow orchestration agents (who should fix it)
• Autonomous nudges and recommendations

Success Metrics

• VMDR revenue growth and market share
• ETM attach rate (VMDR ETM conversion)
• Customer retention and renewal rates
• MTTR reduction across customer base
• Adoption of new AI-driven features
• Pipeline contribution and deal acceleration

Experience required

Experience working with platforms like Qualys and competitive vendor landscape focusing on RBVM, CTEM, AppSec, ASPM, CNAPP etc.

• 10-15+ years in Product Management (cybersecurity preferred)

• Deep expertise in:

• Vulnerability Management

• Risk-Based VM (RBVM)

• Exposure Management / CTEM

• Proven experience owning large-scale enterprise products

• Strong understanding of:

• cloud, endpoint, identity, and application security

• Experience working with:

• CISOs, CIOs, and security teams

Preferred

• Experience building AI/ML-driven security products

• Knowledge of:

• attack surface management

• remediation workflows

• ITSM / DevOps integrations

• Track record of:

• scaling products from platform ecosystem

• driving upsell / cross-sell motions

Product Context

Qualys VMDR

• Unified platform to discover, assess, prioritize, and remediate vulnerabilities across hybrid environments
• AI-driven prioritization and integrated patch workflows
• Core revenue engine and entry point for Qualys customers

Qualys CSAM

• Continuous asset discovery across IT, cloud, containers, identities
• Provides business context and asset criticality for risk prioritization

Qualys ETM

• Aggregates risk signals across Qualys and third-party tools
• Delivers unified risk scoring, prioritization, and remediation orchestration
• The salary range for this position is $210,000 - $240,000 per year. Final compensation will be determined based on several factors, including but not limited to skills, relevant experience, and work location. Please note this range reflects base salary and does not include incentive compensation or potential equity grants. We also offer a comprehensive and highly competitive benefits package.

Qualys is an Equal Opportunity Employer, please see our EEO policy.