More jobs:
Job Description & How to Apply Below
Title:
Technical Product Manager – CyberGRC
Job Location :
- Bengaluru
We are looking for an experienced and driven Technical Product Manager – CyberGRC to lead the evolution of Metric Stream's AI-powered Cyber Risk and Compliance product suite. This role sits at the intersection of deep cybersecurity domain expertise and modern product innovation.
The ideal candidate will have hands-on experience delivering or using cyber GRC platforms — and will bring a sharp understanding of the space. You will shape the product roadmap to advance Metric Stream's capabilities across continuous compliance automation, AI-driven risk management and real-time cyber risk visibility — driving Metric Stream's transition to a continuous and autonomous compliance and risk platform.
You will own the product strategy and execution for capabilities spanning the full CyberGRC lifecycle, including:
IT and Cyber Risk management
Risk assessment workflows with pre-packaged and customizable risk libraries, scoring algorithms, and treatment plans
Vulnerability management integration: ingesting signals from vulnerability scanners, ITSM platforms, EDR tools, and cloud security posture tools to surface and prioritize risk findings
Exposure management capabilities linking technical findings (vulnerabilities, misconfigurations) to quantified business impact
Threat intelligence integration feeding real-time context into risk registers and dashboards
Continuous cyber risk quantification (CRQ) using FAIR-based financial models, enabling CISOs to express risk in business terms for board and regulatory reporting
AI agents that autonomously assess, prioritize, and summarize risk exposure across the IT and cyber landscape
Predictive risk scoring and heat maps with automated, real-time updates — moving beyond static, point-in-time assessments
Compliance Automation & Framework Management
Continuous controls monitoring and automated evidence collection across major frameworks: ISO 27001, NIST CSF, NIST SP 800-53, SOC 2, PCI DSS, HIPAA, GDPR, DORA, and the NIST AI RMF
Cross-framework control mapping so customers satisfy multiple requirements without duplicate effort
Agentic policy management: AI-driven policy generation, version control, change summaries, and automated approval workflows
Audit-readiness workflows with continuously collected auditor-facing evidence packages
Reporting, Dashboards & Stakeholder Communication
Executive and board-level dashboards that translate cyber risk posture into financial and business terms
Regulator-ready reports for SEC, NYDFS, DORA, and other mandated disclosures
Trust center capabilities allowing customers to share real-time compliance posture with auditors and enterprise customers
AI & Emerging Risk Domains
Governance capabilities for GenAI risk, including prompt injection, model abuse, training data risks, and LLM-specific attack vectors
AI Security Assessments aligned to ISO 42001, NIST AI RMF, and the EU AI Act
Explainable AI features that surface rationale behind automated risk scores and recommendations
Key Responsibilities
Product Roadmap & Execution: Own the CyberGRC product vision and multi-quarter roadmap, making strategic prioritization decisions informed by competitive intelligence, customer research, and Metric Stream's ConnectedGRC platform strategy.
Competitive Product Strategy: Maintain deep awareness of how Metric Stream's CyberGRC competes with competitors — and identify features that close gaps or establish differentiated leadership.
Customer & CISO Engagement :
Lead discovery sessions, design sprints, and advisory conversations with CISOs, cyber risk managers, compliance officers, and security teams to uncover unmet needs and validate product direction.
Requirements Management :
Translate complex cybersecurity workflows and regulatory requirements into crisp product requirements, user stories, and acceptance criteria grounded in real-world risk scenarios.
Cross-Functional Collaboration :
Partner closely with engineering, data science, UX, and QA to ship secure, scalable, and high-quality product capabilities on time.
AI Feature Development: Define use cases and requirements for AI-powered features…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×