Senior Product Manager - ASPM

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. We work on large scale distributed systems, processing almost 3 trillion events per day and this traffic is growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About The Role:

We are seeking a Senior Product Manager to join CrowdStrike's Falcon Cloud Security team. In this role, you will own the strategy, roadmap, and execution for our Application Security Posture Management (ASPM) capabilities within Falcon Cloud Security, driving our vision of comprehensive code-to-cloud protection. You will work at the intersection of application security and cloud security to help customers prioritize and remediate the risks that matter most. This position requires a strategic thinker who understands both the developer experience and enterprise security operations, and can bridge the gap between AppSec and CloudSec teams to deliver innovative solutions that stop breaches before they happen.

What You’ll Do:

• You will be responsible for translating the ASPM vision into a detailed product strategy, roadmap, and development backlog that drives code-to-cloud visibility and risk prioritization across the entire application lifecycle
• You will own and manage the end-to-end product development lifecycle for ASPM capabilities, leading product release cycles, identifying and proactively solving bottlenecks, and raising flags when needed to ensure successful delivery
• You will drive the convergence of ASPM and CNAPP by defining requirements and user stories that correlate application security with cloud runtime and proactive context (CSPM, CWPP, CIEM) to eliminate security silos and deliver a unified risk and security platform.
• You will be accountable for gathering and synthesizing insights from AppSec engineers, CloudSec teams, DevOps practitioners, and CISOs through customer interviews, user research, and competitive analysis to identify high-impact product opportunities
• You will define and own key product metrics and success criteria including mean-time-to-remediation, vulnerability prioritization accuracy, developer adoption rates, and reduction in exploitable attack surface, using data to drive continuous product optimization
• You will lead cross-functional collaboration with engineering, design, marketing, sales, and customer success to deliver developer-centric features including pull-request scanning, policy-as-code enforcement, and automated remediation workflows
• You will serve as the subject matter expert and evangelist for ASPM, presenting to customers, industry analysts executives, and at conferences to position CrowdStrike as the leader in the converging ASPM/CNAPP market.
  
  

What You’ll Need:

• Bachelor's degree in Computer Science, Engineering, or related technical field
• 5+ years of product management experience in application security, cloud security, DevSecOps tooling, or related B2B SaaS domains
• Deep understanding of application security testing tools (SAST, SCA, DAST, IAST, secrets scanning) and their role in the software development lifecycle
• Strong technical knowledge of cloud-native architectures, containers, Kubernetes, CI/CD pipelines, and infrastructure-as-code (Terraform, CloudFormation)
• Proven ability to build products for technical personas including developers, AppSec engineers, and CloudSec/DevOps teams, with empathy for their distinct workflows and priorities
• Data-driven approach to product decisions with experience using analytics to measure security outcomes, risk reduction, and developer productivity
• Exceptional communication skills with ability to translate complex technical concepts for executive audiences and influence cross-functional stakeholders
  
  

Bonus Points:

• Direct experience with CNAPP platforms (CSPM, CWPP, CIEM) or ASPM solutions
• Background in software engineering, security research, or hands-on AppSec/DevSecOps roles that provide deep technical credibility
• Familiarity with SBOM standards, SLSA framework, supply chain security, and emerging application security regulations
• Track record of successfully launching security products that achieved analyst recognition (Gartner, Forrester, IDC) or significant market share in competitive categories
• Experience managing products serving Fortune 500 enterprises with complex multi-cloud environments and stringent compliance requirements (SOC 2, FedRAMP, PCI-DSS)
  
  

Benefits Of Working At CrowdStrike:

• Market leader in compensation and equity awards
• Comprehensive physical and mental wellness programs
• Competitive vacation and holidays for recharge
• Paid parental and adoption leaves
• Professional development opportunities for all employees regardless of level or role
• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
• Vibrant office culture with world class amenities
• Great Place to Work Certified™ across the globe
  
  

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

,

Bonus Points:

• Direct experience with CNAPP platforms (CSPM, CWPP, CIEM) or ASPM solutions
• Background in software engineering, security research, or hands-on AppSec/DevSecOps roles that provide deep technical credibility
• Familiarity with SBOM standards, SLSA framework, supply chain security, and emerging application security regulations
• Track record of successfully launching security products that achieved analyst recognition (Gartner, Forrester, IDC) or significant market share in competitive categories
• Experience managing products serving Fortune 500 enterprises with complex multi-cloud environments and stringent compliance requirements (SOC 2, FedRAMP, PCI-DSS)