Product Manager - Cyber Risk (GRC)

We are hiring for-

Role: Technical product Manager

Experience: 5-10 Years

Location: Bangalore

Work Mode: Hybrid

Key Responsibilities

• Product Roadmap & Execution:

  Lead the product vision and execution for AI features in our GRC suite, bringing insight into leveraging AI for threat detection, vulnerability management, and risk quantification.

• Cross-functional Collaboration:

  Partner with engineering, data science, design, and QA teams to ensure the delivery of secure, scalable, and cyber risk-aligned product capabilities.

• User Research:

  Conduct deep-dive interviews and research with cyber stakeholders to pinpoint pain points, regulatory requirements, and opportunities for improvement across threat and control landscapes.

• Requirements Management:

  Translate complex business and user needs into clear product requirements, user stories, and acceptance criteria informed by real-world risk scenarios and industry standards.

• Prioritization & Backlog Management:

  Prioritize product enhancements to maximize value for cyber risk professionals, strengthen risk posture, and aid in incident response and resilience.

• Client Feedback Loop:

  Work with sales and customer success teams to integrate actionable client feedback into the product lifecycle, focusing on user experience for cyber risk stakeholders.

• Metrics & Analysis:

  Monitor adoption and effectiveness of AI-powered features, using product data to inform ongoing risk mitigation and reporting enhancements.

• Product Evangelism:

  Advocate for the product through presentations, documentation, and customer engagements, articulating its value for cyber risk and security teams.

• Subject Matter Expertise:

  Contribute your deep expertise in cyber risk management, threat modeling, NIST CSF, ISO 27005, and regulatory frameworks such as GDPR, PCI DSS, and DORA.

Skills and Experience

• Experience

  : 510 years in Cyber Risk, Compliance, or Security Risk Management roles, preferably within high-impact or regulated environments.

• Domain Expertise

  : Advanced understanding of cyber risk methodologies—threat identification, impact analysis, vulnerability management, and risk treatment.

• Technical Acumen

  : Familiarity with AI/ML applications in cybersecurity (e.g., anomaly detection, behavioral analytics, automated risk prioritization).

• Product Mindset

  : Experience with design thinking and product development lifecycle (PDLC).

• Compliance Frameworks

  : Working knowledge of data protection laws and cybersecurity standards (e.g., NIST, ISO 27001, SOC 2).

• Certifications

  : Professional credentials such as CISSP, CRISC, CISM, or CEH.
• Security Product Development: Proven experience in security product creation or as a subject matter expert in GRC initiatives.

Education

• Bachelor's or Master's degree in Cybersecurity, Information Technology, Risk Management, or related discipline.

--

Muugddha Vanjarii

7822804824

mugdha.vanjari@sunbrilotechnologies.com