Job Description
Note: The job is a remote job and is open to candidates in USA. Webflow is building the world’s leading AI-native Digital Experience Platform, and they are seeking a Security Technical Program Manager to lead their Security program. This role involves driving collaboration across teams and managing the Vulnerability Management lifecycle to strengthen Webflow’s security posture. Responsibilities • Coordinate security-wide planning across teams — tracking dependencies, aligning on priorities, and maintaining roadmap visibility • Lead the end-to-end Vulnerability Management lifecycle, from discovery to remediation • Manage stakeholder communication, and cross-functional alignment. Partner with Engineering to ensure vulnerability ownership, ticket quality, and remediation clarity • Experience with AI tooling and workflow automation to better drive efficiency • Maintain and improve Jira workflows for vulnerability and security ticketing • Develop and publish vulnerability metrics and dashboards for visibility and accountability • Identify and resolve process bottlenecks; drive continuous improvement in the vulnerability lifecycle • Collaborate with SMEs in AppSec and SecDevOps to maintain full scanning and tooling coverage (e.g., Socket, container scanning, SCA) • Maintain VM documentation, operating procedures, and readiness for audits (SOC 2, ISO 27001, ISO 42001) • Identify opportunities for automation or reporting enhancements that scale VM effectiveness Skills • 3-4 years of program or project management experience in technical domains such as security, infrastructure, or DevOps • Experience coordinating cross-functional delivery between engineering, security, and operations teams • Comfortable working with vulnerability management tools and workflows (e.g., Socket, container scanning, SCA, Jira) • Strong organizational skills. You can manage timelines, track remediation progress, and maintain clear documentation without losing momentum • Communicate clearly and with empathy; you're proactive about sharing updates, surfacing risks, and keeping teams aligned • Understand the importance of balancing speed with security, helping teams make informed tradeoffs that reduce risk without blocking delivery • Experience improving or building processes that make vulnerability management more scalable and predictable • Take ownership of your work, follow through on commitments, and escalate blockers early with solutions in mind • Thrive in ambiguity. You bring structure and clarity even when priorities shift or data is incomplete • Curious about how security and engineering systems fit together and how to make them stronger • Exposure to security compliance frameworks such as SOC 2, ISO 27001, or similar audit processes • Familiarity with security scanning and reporting tools (Socket, Qualys, or equivalent) • Experience supporting or coordinating incident response or vulnerability triage workflows • Background in SaaS or cloud environments with an understanding of common infrastructure patterns • Experience developing dashboards or metrics for vulnerability tracking and remediation progress • Prior experience in a fast-paced, remote-first organization or working across distributed teams Benefits • Ownership in what you help build. Every permanent Webflower receives equity (RSUs) in our growing, privately held company. • Health coverage that actually covers you. Comprehensive medical, dental, and vision plans for full-time employees and their dependents, with Webflow covering most premiums. • Support for every stage of family life. 12 weeks of paid parental leave for all parents and 6+ weeks of additional paid leave for birthing parents. Plus inclusive care for family planning, menopause, and midlife transitions. • Time off that’s actually off. Flexible vacation, paid holidays, and a sabbatical program to help you recharge and come back inspired. • Wellness for the whole you. Access to mental health resources, therapy and coaching. • Invest in your future. A 401(k) with 100% employer match (up to $6,000/year) in the U.S., and support for retirement savings globally. • Monthly stipends that flex with your life. Localized support for work and wellness expenses — from Wi-Fi to workouts. • Bonus for building together. All full-time, permanent, non-commission employees are eligible for our annual WIN bonus program. Company Overview • Webflow is a visual web design platform, CMS, and hosting provider for building production websites and prototypes. It is a sub-organization of Gitshock Finance. It was founded in 2013, and is headquartered in San Francisco, California, USA, with a workforce of 501-1000 employees. Its website is Company H1B Sponsorship • Webflow has a track record of offering H1B sponsorships, with 7 in 2025, 10 in 2024, 4 in 2023, 8 in 2022, 5 in 2021. Please note that this does not guarantee sponsorship for this specific role. Apply tot his job
Apply tot his job
Apply To this Job