[Remote] Director, Product Security at Bonterra

United States

Apply Now

Not SpecifiedCompensation

N/AExperience Level

N/AJob Type

Not SpecifiedVisa

N/AIndustries

Requirements

5–7 years of experience in software development or engineering roles, including 2–3 years in a leadership role
Proficiency in at least one major language (C#, Java, Python, Ruby, etc.)
Strong knowledge of secure design principles (e.g., threat modeling, least privilege, cryptography) and common software vulnerabilities (e.g., CWE Top 25, OWASP Top 10)
Excellent written and verbal communication skills; able to translate complex technical topics for both engineers and executives
Demonstrated ability to make pragmatic risk-based decisions and prioritize effectively in a fast-moving environment
Experience securing cloud-native applications (AWS, Azure, GCP)
Experience embedding security in M&A due diligence and product integrations
Familiarity with security and compliance frameworks (NIST, ISO, SOC 2, PCI DSS, CIS Controls)
Experience influencing product roadmaps, customer assurance, and security-as-a-feature discussions

Responsibilities

Report directly to the CISO and own the Product Security program across Bonterra’s SaaS portfolio
Champion secure-by-design practices across the entire software lifecycle — from architecture and design, to CI/CD pipelines, to production monitoring
Partner closely with R&D, Product, M&A, and IT leaders to embed security into product decisions, integrations, and innovation initiatives
Build and scale security programs through automation, tooling, and training — not just headcount
Define and execute a multi-year roadmap for Product Security that addresses gaps in coverage, staffing, and capabilities as Bonterra grows
Oversee vulnerability management across applications: review findings (SAST, DAST, SCA, penetration tests, bug bounty), assess risk, and drive remediation with engineering partners
Lead activities such as:
a. Threat modeling and design reviews
b. Third-party / M&A product security assessments
c. Secure code review and testing
d. Secure open-source and third-party component lifecycle management
e. Centralized tracking, prioritization, and metrics reporting
Develop meaningful, quantitative metrics that demonstrate product security health, progress, and business value
Identify systemic classes of vulnerabilities, design scalable defenses, and evangelize secure coding and product patterns across engineering

Skills

Bonterra

Technology solutions for social impact organizations

About Bonterra

Bonterra provides technology solutions aimed at helping organizations focused on social good, such as nonprofits and public sector entities, operate more efficiently. Their products include software for managing donations, tracking impact, and coordinating volunteer efforts, which streamline operations and enhance fundraising capabilities. Bonterra stands out from competitors by specifically targeting the social impact sector and aligning its success with that of its clients through a business model based on subscription fees and transaction fees on donations. The company's goal is to empower organizations to maximize their efforts in creating positive social change, as evidenced by their impact of facilitating $7.4 billion in donations to 225,000 nonprofits in 2021.

Austin, TexasHeadquarters

2023Year Founded

VENTURE_UNKNOWNCompany Stage

Consulting, Social ImpactIndustries

1,001-5,000Employees

Benefits

Generous Flexible Time Off

Paid Holidays

Paid Volunteer Time

Paid Parental Leave

Paid Sick Leave

Health Insurance

Vision Insurance

Dental Insurance

Life Insurance

Resources for savings and investments

Opportunities to learn, develop, network, and connect

Risks

Competition from established players like Blackbaud and Salesforce.org is intense.

Potential integration challenges from recent acquisitions could disrupt operations.

Dependence on partnerships like iWave may pose risks if synergies aren't realized.

Differentiation

Bonterra offers a comprehensive suite of tools for nonprofits and social good organizations.

The company focuses on empowering social impact initiatives with advanced technology solutions.

Bonterra's acquisition of DonorDrive enhances its digital fundraising capabilities.

Upsides

Growing demand for digital transformation in nonprofits boosts Bonterra's market potential.

Integration of AI in fundraising software enhances donor engagement and campaign effectiveness.

Bonterra's expansion into employee engagement solutions broadens its market reach.

Land your dream remote job 3x faster with AI

Try Jobo Free