Director/Sr Director, Product Management, Risk-Based Vulnerability Mgmt (RBVM)

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Job Description: Director/Sr Director of Product Management – RBVM, ASM, CTEM – Risk Operation Center (ROC)

Date posted: April 2026

About The Job

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Director/Sr Director of Product Management – RBVM, CTEM, ASM – Risk Operation Center (ROC)

Location: Foster City, CA, USA

Organization: Product GTM & SME

Reports To: SVP of Product Management

Role Overview

Qualys is seeking a Director / Sr. Director of Product Management to lead its flagship Risk-Based Vulnerability Management (RBVM) product powered by Qualys VMDR and drive the evolution toward Continuous Threat Exposure Management (CTEM) via Qualys ETM.

This leader will own the end-to-end product strategy, execution, and business performance of VMDR, serving 8,000 global customers, while driving the transition from vulnerability management → risk-based prioritization → autonomous remediation → CTEM platform adoption.

You will lead a team of 5 product managers, partner with engineering, GTM, and field teams, and directly influence revenue growth, customer retention, and platform expansion.

What You Will Be Doing

Product Ownership: VMDR (RBVM)

This role sits at the intersection of VMDR (execution) → ETM (risk platform), part of ROC (Risk Operation Center)

What Makes This Role Unique

• Own Qualys’ flagship product (VMDR) used by thousands of enterprises
• Drive transition from VM → CTEM platform leadership
• Build Agentic AI–powered security workflows
• Direct impact on revenue, growth, and company strategy
• Lead the next evolution of cybersecurity: autonomous risk reduction
  
  
  

Strategic Mandate (What You’ll Really Be Doing)

This role is fundamentally about:

• Turning VMDR into the front door of Qualys platform growth
• Using AI workflows to drive customer expansion into ETM
• Building the industry’s first autonomous RemOps CTEM platform
  
  
  

Key Responsibilities

Product Leadership - Own VMDR as a Business (P&L Mindset)

• Own product strategy, roadmap, and execution for VMDR
• Lead and mentor a team of 5 Product Managers
• Drive innovation across:
• vulnerability prioritization (RBVM)
• remediation workflows
• asset-risk correlation
• Deliver features that reduce MTTR and improve risk reduction outcomes
  
  
  

Business Ownership (Revenue Growth)

Own end-to-end business metrics:

• ARR / revenue growth for VMDR product line
• Customer renewals and retention
• Cross-sell and upsell into:
• ETM
• CSAM
• Patch / Remediation solutions
• Partner with GTM teams to:
• Drive pipeline generation
• Enable Sales with product positioning
• Define pricing and packaging strategy
  
  
  

Customer-Centric Innovation (Short–Mid Term)

Drive customer deal-breaker capabilities including:

• Scalable remediation workflows and automation
• Better prioritization beyond CVSS (business context, exploitability)
• Improved reporting, dashboards, and executive insights
• Seamless ITSM / DevOps integrations
• Cross-asset visibility (cloud, endpoint, identity)
  
  
  

Translate customer friction → product wins → revenue growth

Lead RBVM → CTEM Evolution

• Define roadmap to evolve VMDR into:
• Risk-based vulnerability management (RBVM)
• Exposure management platform
• CTEM-aligned workflows
• Build tight integration with:
• CSAM (asset context)
• ETM (risk aggregation and prioritization)
  
  
  

Drive VMDR “Deal Breaker” Requirements (0–18 Months)

• Identify and deliver top customer gaps blocking large deals, such as:
• Faster prioritization accuracy (TruRisk improvements)
• Better remediation workflows (ownership, SLA tracking)
• Reporting and executive dashboards
• Scalable performance for large enterprises
  
  
  
  

• Partner with field (SEs, TAMs) to capture:
• Competitive losses
• Renewal risks
• Enterprise feature gaps
  
  
  

Design Agentic AI Workflows (Next-Gen Differentiation)

• Lead innovation in Agentic AI-driven vulnerability remediation, including:
• Intelligent prioritization agents (what to fix first)
• Remediation planning agents (patch vs mitigate vs isolate)
• Workflow orchestration agents (who should fix it)
• Autonomous nudges and recommendations
  
  
  

Success Metrics

• VMDR revenue growth and market share
• ETM attach rate (VMDR → ETM conversion)
• Customer retention and renewal rates
• MTTR reduction across customer base
• Adoption of new AI-driven features
• Pipeline contribution and deal acceleration
  
  
  

Experience Required

Experience working with platforms like Qualys and competitive vendor landscape focusing on RBVM, CTEM, AppSec, ASPM, CNAPP etc.

• 10–15 years in Product Management (cybersecurity preferred)
• Deep expertise in:
• Vulnerability Management
• Risk-Based VM (RBVM)
• Exposure Management / CTEM
• Proven experience owning large-scale enterprise products
• Strong understanding of:
• cloud, endpoint, identity, and application security
• Experience working with:
• CISOs, CIOs, and security teams
  
  
  

Preferred

• Experience building AI/ML-driven security products
• Knowledge of:
• attack surface management
• remediation workflows
• ITSM / DevOps integrations
• Track record of:
• scaling products from platform → ecosystem
• driving upsell / cross-sell motions
  
  
  

Product Context

Qualys VMDR

• Unified platform to discover, assess, prioritize, and remediate vulnerabilities across hybrid environments
• AI-driven prioritization and integrated patch workflows
• Core revenue engine and entry point for Qualys customers
  
  
  

Qualys CSAM

• Continuous asset discovery across IT, cloud, containers, identities
• Provides business context and asset criticality for risk prioritization
  
  
  

Qualys ETM

• Aggregates risk signals across Qualys and third-party tools
• Delivers unified risk scoring, prioritization, and remediation orchestration
  
  
  

The salary range for this position is $210,000 - $240,000 per year. Final compensation will be determined based on several factors, including but not limited to skills, relevant experience, and work location. Please note this range reflects base salary and does not include incentive compensation or potential equity grants. We also offer a comprehensive and highly competitive benefits package.

Qualys is an Equal Opportunity Employer, please see our EEO policy.