Senior Product Manager - Security Testing

Senior Product Manager – Managed Security Testing

Location: Vadodara Office

Shift time: India shift hours

Report to: SVP

Job Description

As a Senior Product Manager of Managed Security Testing at VikingCloud, you will be responsible for the strategic planning, development, and execution of our offensive security testing services, including penetration testing as a service (PTaaS), vulnerability assessments, phishing simulations, social engineering testing, and specialized security assessments. You will own the product roadmap for VikingCloud's managed security testing portfolio, working closely with our internal security testing teams, third-party testing partners, and customers to deliver high-quality offensive security services that help merchants and financial institutions identify and remediate security weaknesses before attackers can exploit them. This role requires deep understanding of offensive security methodologies, industry certifications and frameworks (CREST, PTES, OWASP, PCI DSS ASV), and the ability to bridge technical security testing with compliance requirements.

You will collaborate with cross-functional teams including security consultants, engineering, sales, and customer success to build scalable, automated testing platforms while maintaining the rigor and quality expected from professional security assessments. Your work will directly support customers' compliance programs (PCI DSS, SOC 2, ISO 27001) while providing actionable security insights that reduce risk.

Responsibilities

• Product Strategy & Vision: Develop and execute a comprehensive product strategy for VikingCloud's managed security testing services, including penetration testing, vulnerability assessments, web application testing, mobile app testing, API testing, phishing simulations, social engineering assessments, and automated testing. Define the product vision that balances automation and scalability with the technical rigor required for professional security testing.
• AI Security Testing (AISec): Develop testing methodologies and a comprehensive product strategy for Larege Language Models (LLMs) AI Agents, Chatbots, and other AI powered technologies. This includes an “AI Red Teaming” strategy and packages for testing the robustness of customer-facing AI applications.
• PTaaS Platform Development: Lead the development of VikingCloud's Penetration Testing as a Service (PTaaS) platform, creating modern delivery mechanisms that provide continuous testing, real-time reporting, seamless remediation tracking, and collaborative workflows between testers and customers. Define platform requirements for test scoping, scheduling, execution tracking, finding management, retesting, and certification delivery.
• Testing Methodology & Standards: Ensure all security testing services adhere to industry-recognized methodologies and frameworks including CREST standards, Penetration Testing Execution Standard (PTES), OWASP Testing Guide, NIST SP 800-115, and PCI DSS testing requirements. Maintain current knowledge of CREST accreditation requirements and ensure VikingCloud's services meet or exceed these standards. Define quality assurance processes for testing deliverables.
• Certification & Compliance Alignment: Build security testing services that directly support customer compliance requirements including PCI DSS (ASV scanning, segmentation testing, penetration testing), SOC 2 Type II (security testing evidence), ISO 27001, NIST frameworks, and industry-specific regulations. Position testing services as essential compliance components that provide both security value and audit evidence.
• Roadmap Planning & Prioritization: Create and maintain detailed product roadmaps for testing services and PTaaS platform capabilities. Prioritize features and service enhancements based on customer feedback, compliance requirements, competitive analysis, revenue potential, and operational efficiency gains. Balance automation initiatives with maintaining high-quality manual testing where required.
• Phishing & Social Engineering Programs : Develop comprehensive phishing simulation and security awareness testing capabilities including campaign management, template libraries, user tracking, training integration, and reporting dashboards. Create social engineering testing services including vishing, smishing, physical security testing, and pretexting scenarios tailored to different industries and threat models.
• Service Delivery & Scalability: Design service delivery models that enable VikingCloud to scale testing services efficiently while maintaining quality. Define when to use internal testers versus third-party partners, automation versus manual testing, and on-demand versus scheduled assessments. Create standardized