Security Program Manager (founding team)

At XBOW, we’re redefining the future of cybersecurity by building the world's first autonomous pentester, powered by AI. Today, the gold standard for securing software systems is human pentesters, but with the rise of artificial intelligence, we’re stepping up to scale offensive security to meet the ever-growing demand.

AI is transforming the landscape of both cybersecurity and cyberattacks. While millions of people without security expertise are creating software, bad actors are using AI to launch more effective attacks. XBOW fights back with AI-driven superpowers, enabling security teams to stay one step ahead. Our autonomous AI solves 75% of web app security benchmarks with zero human intervention—and at superhuman speed.

What makes XBOW truly unique? Like human experts, it forges creative attacks, adapts its learnings, and continuously works to find vulnerabilities faster than anyone ever could. We’re not only simulating threats—we’re also finding and responsibly disclosing real-world vulnerabilities, ensuring organizations can fix issues before they’re exploited. XBOW isn’t just a tool; it’s a transformative force in the secure development lifecycle.

Backed by Sequoia Capital and a team that includes the creators of GitHub Copilot and GitHub Advanced Security, XBOW is not just keeping up with the times—we’re shaping the future of cybersecurity. Our mission is simple: to defeat the bad actors before they strike, using AI to revolutionize how we approach offensive security.

We’re building something that must be built, and we’re the team to do it. Join us in shaping the next frontier of autonomous security.

We’re looking for a Security Program Manager to partner with our most strategic enterprise customers and help them operationalize AI-driven offensive security at scale. Your mission: drive seamless onboarding, deep product adoption, and measurable impact within large and complex security organizations.

This role sits at the intersection of application security, customer success, and technical program management. You’ll work directly with security leaders, application owners, and CISOs to ensure successful deployments and lasting outcomes—acting as a trusted advisor on how to integrate autonomous pentesting into modern security programs.

You’ll need to bring credibility in application security, comfort navigating both strategic and technical conversations, and the ability to drive outcomes with minimal oversight. This is a high-ownership, high-impact role where you’ll help shape not only customer success but also how the world adopts autonomous security.

• Lead onboarding for enterprise customers, helping them integrate their applications into XBOW and standing up meaningful usage from day one.

• Work directly with security engineers, appsec leads, and platform owners to ensure a technically sound and secure deployment.

• Act as the primary point of contact for all things post-sale—driving engagement, resolving blockers, and ensuring consistent product value.

• Understand and map the customer’s security program to XBOW’s capabilities and surface insights to improve adoption.

• Own technical success and satisfaction across your book of business—measured by consumption, CSAT, and long-term retention.

• Be fluent in appsec concepts and tooling and able to translate platform value to technical and non-technical stakeholders alike.

• Collaborate internally across product, engineering, and go-to-market teams to advocate for customer needs and bring structure to our customer success motion.

• Represent XBOW at industry events and customer sessions where security credibility and hands-on expertise matter.

• Experienced in application security, offensive security, or appsec-adjacent domains on an enterprise level - you understand modern security programs and can speak with authority.

• Comfortable navigating complex enterprise relationships, especially within engineering and security organizations.

• Strong technical acumen and empathy - you can bridge the gap between user workflows and platform behavior.

• Proven ability to manage enterprise-scale programs with limited oversight, bringing structure, urgency, and focus.

• Excellent communicator - clear, credible, and calm under pressure.

• Thrives in early-stage environments and enjoys building while delivering.

• Worked in customer-facing roles in cybersecurity startups.

• Relevant security qualifications (e.g. CISSP, CCSP, CISM etc.).

• Deep familiarity with secure development practices and CI/CD pipelines.

• Experience with customer QBRs, technical demos, or platform onboarding.

• Background in pen testing or offensive security techniques.

• Compensation & Equity: Competitive salary and a meaningful equity package—you’ll be a true owner in what we’re building.

• Customer Impact: Work directly with forward-thinking enterprise security teams solving some of the hardest problems in the space.

• Career Growth: As one of the first Customer Success hires, you’ll help shape this function and have room to grow as we scale.

• Mission-Driven Team: Join a company that’s not just following the AI wave—we’re defining what the future of security looks like.

• Location: Remote in the US (all team members are remote but we meet regularly and you’re supported to travel to collaborate with colleagues in person).

• Contract: Full-time.

• Hiring Process:

  1. 30-min introductory chat.

  2. Interview with our Head of Product & Customer Success (~60mins).

  3. Take home working session relevant to the role.

  4. Presentation of working session artifacts.

  5. Final conversation with our CEO and founder, Oege de Moor.

We’re looking for someone who combines technical credibility in security with the grit to make customers successful at scale. If you’re excited by the challenge of bringing autonomous pentesting to the world’s most sophisticated security teams, we’d love to talk.

Even if you don’t meet every requirement, we encourage you to apply. We value curiosity, resilience, and people who are excited to build the future of security with us.