Senior Technical Program Manager, Security

The Senior Security TPM will own and coordinate initiatives that scale Webflow’s security processes, reduce risk and better manage Webflow’s attack surface. Responsibilities will span from direct program ownership to broader cross-team enablement. Coordinate security-wide planning across teams — tracking dependencies, aligning on priorities, and maintaining roadmap visibility.

Lead the end-to-end Vulnerability Management lifecycle, from discovery to remediation. Manage stakeholder communication, and cross-functional alignment. Partner with Engineering to ensure vulnerability ownership, ticket quality, and remediation clarity. Maintain and improve Jira workflows for vulnerability and security ticketing. Develop and publish vulnerability metrics and dashboards for visibility and accountability.

Collaborate with SMEs in AppSec and SecDevOps to maintain full scanning and tooling coverage Maintain VM documentation, operating procedures, and readiness for audits. Identify opportunities for automation or reporting enhancements that scale VM effectiveness.