Business Area:

Seniority Level:

Job Description:

At Cloudera, we empower people to transform complex data into clear and actionable insights. With as much data under management as the hyperscalers, we're the preferred data partner for the top companies in almost every industry. Powered by the relentless innovation of the open source community, Cloudera advances digital transformation for the world’s largest enterprises.

As a Security Product Manager at Cloudera, you will drive critical security initiatives across the Cloudera Data Platform (CDP), with a primary focus on compliance, vulnerability management, and public sector security requirements. This role is responsible for defining and delivering security capabilities that enable customers—particularly government and regulated industries—to deploy the Cloudera platform securely and confidently at scale across hybrid and private cloud environments.

You will work closely with engineering, security, legal, compliance, and field teams to ensure the Cloudera platform meets evolving security standards, responds effectively to vulnerabilities, and maintains leadership in enterprise and public sector security.

Key Responsibilities

Security Strategy & Roadmap

• Own and execute the security product roadmap for platform-level security initiatives, including FIPS 140-2/140-3 compliance, cryptographic standards, and secure configuration baselines.

• Translate regulatory, customer, and internal security requirements into clear product requirements aligned with Cloudera’s hybrid and private cloud strategy.

FIPS & Compliance Ownership

• Lead product efforts related to FIPS certification, including scope definition, dependency alignment, validation planning, and ongoing compliance maintenance.

• Partner with engineering, security architects, and compliance teams to ensure cryptographic modules and platform components meet required standards.

• Serve as the product point of contact for audits, certifications, and customer security assessments related to FIPS and compliance.

Vulnerability & CVE Management

• Own the product response and prioritization for security vulnerabilities and CVEs across the platform.

• Work cross-functionally with security engineering, release management, and support to ensure timely mitigation, remediation, and customer communication.

• Define and improve processes for vulnerability tracking, impact assessment, and security advisories.

Public Sector Security Leadership

• Act as the product lead for public sector security requirements, including federal, state, and regulated industry needs.

• Partner with public sector field teams, customers, and partners to understand mission-critical security expectations and translate them into platform capabilities.

• Support public sector go-to-market motions through roadmap alignment, security positioning, and customer briefings.

Cross-Functional Collaboration

• Collaborate closely with engineering to define requirements, manage trade-offs, and ensure secure-by-design implementations.

• Work with legal, compliance, documentation, and support teams to ensure security features are well-documented, supportable, and auditable.

• Enable sales and customer success teams with clear security messaging, documentation, and responses to customer security inquiries.

Metrics & Outcomes

• Define and track success metrics related to compliance readiness, vulnerability response SLAs, customer security satisfaction, and adoption of security features.

• Continuously improve Cloudera’s security posture based on customer feedback, audits, and threat landscape changes.

Required Qualifications

• Education: Bachelor’s degree in Computer Science, Engineering, Information Systems, Business, or a related field or equivalent practical experience.

• Experience: 3–5+ years of product management experience in enterprise software, platforms, or infrastructure.

• Strong understanding of security fundamentals, including cryptography, vulnerability management, secure software development, and compliance frameworks.

• Experience working with or around FIPS certification, CVEs, security advisories, or regulated environments.

• Ability to work effectively with deeply technical engineering and security teams.

• Excellent written and verbal communication skills, with the ability to explain complex security topics to both technical and non-technical audiences.

Preferred Qualifications

• Experience supporting public sector or regulated industry customers (government, defense, healthcare, financial services).

• Familiarity with security standards and frameworks (e.g., FIPS 140-2/140-3, NIST, FedRAMP, Common Criteria).

• Background in data platforms, distributed systems, or cloud / hybrid infrastructure.

• Experience working with open-source software and security disclosure processes.

What you can expect from us:

• Generous PTO Policy

• Support work life balance with Unplugged Days

• Flexible WFH Policy

• Mental & Physical Wellness programs

• Phone and Internet Reimbursement program

• Access to Continued Career Development

• Comprehensive Benefits and Competitive Packages

• Paid Volunteer Time

• Employee Resource Groups

EEO/VEVRAA

#LI-NK1