L2 Product Owner – Application Security (AppSec)
Location: Charlotte, NC (Preferred) or Dallas, TX
Work Arrangement: Hybrid (3 days onsite per week)
Duration: 12-Month Contract (Potential for Extension and Conversion)
Pay Rate: $60-$65/hr
Position Overview:
We are seeking an experienced L2 Product Owner – Application Security (AppSec) to support a large-scale enterprise Application Security organization. This role will partner with engineering teams, security stakeholders, and leadership to drive the delivery of security products and initiatives that protect enterprise applications and software development processes.
The Product Owner will be responsible for translating strategic objectives into actionable features, managing product backlogs, defining priorities, and ensuring successful execution across multiple Agile delivery teams. This role requires a strong combination of Product Ownership experience and Application Security expertise.
Key Responsibilities
Product Strategy & Execution
- Translate Application Security strategy, vision, and roadmap into executable product features and deliverables.
- Align product initiatives with enterprise security objectives and business priorities.
- Support execution of security-focused programs across multiple Agile delivery teams.
Product Ownership
- Own and manage product features throughout the development lifecycle.
- Define and maintain product roadmaps, feature requirements, and acceptance criteria.
- Ensure adherence to enterprise product management standards and governance processes.
Agile Delivery & Planning
- Lead product planning activities, including quarterly and annual roadmap development.
- Break down initiatives into epics, features, and user stories.
- Collaborate with Scrum teams to define priorities, timelines, and delivery milestones.
- Drive initiatives from intake through implementation and release.
Backlog Management & Prioritization
- Maintain and prioritize the product backlog based on business value, security risk, and strategic objectives.
- Balance competing priorities while ensuring alignment with organizational goals.
- Refine requirements and facilitate backlog grooming sessions with stakeholders and engineering teams.
Stakeholder Collaboration
- Serve as the primary liaison between business stakeholders, security teams, and engineering organizations.
- Partner closely with technical teams to ensure successful feature delivery and adoption.
- Communicate progress, risks, dependencies, and outcomes to leadership and stakeholders.
Application Security Focus Areas
This role supports enterprise Application Security initiatives including:
- Vulnerability Management
- Secure Software Development Practices
- Application Security Testing
- Code Security Reviews
- Risk Identification and Remediation
- DevSecOps Integration
Relevant Technologies & Concepts
- Static Application Security Testing (SAST)
- Software Composition Analysis (SCA)
- Vulnerability Scanning Tools (e.g., Checkmarx, TruffleHog)
- Secure Coding Principles
- DevSecOps Methodologies
- Application Security Risk Management
Required Qualifications
- Proven experience as a Product Owner within a product operating model environment.
- Strong hands-on knowledge of Application Security (AppSec) concepts and practices.
- Experience working in Agile/Scrum environments.
- Ability to translate strategic objectives into detailed product requirements and execution plans.
- Experience managing product backlogs, prioritization, and roadmap planning.
- Strong communication, facilitation, and stakeholder management skills.
- Ability to collaborate effectively with engineering and security teams.
Preferred Qualifications
- Prior experience in Application Security Engineering before transitioning into Product Ownership.
- Experience supporting security programs within large enterprise environments.
- Familiarity with enterprise security frameworks, governance, and compliance standards.
- Experience supporting multiple delivery teams within a scaled Agile environment.
Ideal Candidate
The ideal candidate combines strong Product Ownership capabilities with deep Application Security expertise. Candidates should be comfortable partnering with technical teams, managing complex security initiatives, and driving product delivery in a fast-paced enterprise environment. A background in Application Security engineering or security-focused product management is highly desirable.