[Remote] Director, Product Security at Bonterra

United States

Apply Now
Bonterra Logo
Not SpecifiedCompensation
Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Technology, SaaS, Nonprofit, Social GoodIndustries

Requirements

  • 5–7 years of experience in software development or engineering roles, including 2–3 years in a leadership role
  • Proficiency in at least one major language (C#, Java, Python, Ruby, etc.)
  • 5–7 years of experience in application/product security with emphasis on secure software development, code analysis, and vulnerability management
  • Strong knowledge of secure design principles (e.g., threat modeling, least privilege, cryptography) and common software vulnerabilities (e.g., CWE Top 25, OWASP Top 10)
  • Excellent written and verbal communication skills; able to translate complex technical topics for both engineers and executives
  • Demonstrated ability to make pragmatic risk-based decisions and prioritize effectively in a fast-moving environment
  • Unable to consider candidates who require current or future sponsorship for employment authorization
  • What Sets You Apart
  • Experience securing cloud-native applications (AWS, Azure, GCP)
  • Experience embedding security in M&A due diligence and product integrations
  • Track record of scaling security programs through automation, developer tooling, and guardrails
  • Familiarity with security and compliance frameworks (NIST, ISO, SOC 2, PCI DSS, CIS Controls)
  • Experience influencing product roadmaps, customer assurance, and security-as-a-feature discussions

Responsibilities

  • Report directly to the CISO and own the Product Security program across Bonterra’s SaaS portfolio
  • Champion secure-by-design practices across the entire software lifecycle — from architecture and design, to CI/CD pipelines, to production monitoring
  • Partner closely with R&D, Product, M&A, and IT leaders to embed security into product decisions, integrations, and innovation initiatives
  • Build and scale security programs through automation, tooling, and training — not just headcount
  • Define and execute a multi-year roadmap for Product Security that addresses gaps in coverage, staffing, and capabilities as Bonterra grows
  • Oversee vulnerability management across applications: review findings (SAST, DAST, SCA, penetration tests, bug bounty), assess risk, and drive remediation with engineering partners
  • Lead activities such as: Threat modeling and design reviews; Third-party / M&A product security assessments; Secure code review and testing; Secure open-source and third-party component lifecycle management; Centralized tracking, prioritization, and metrics reporting
  • Develop meaningful, quantitative metrics that demonstrate product security health, progress, and business value
  • Identify systemic classes of vulnerabilities, design scalable defenses, and evangelize secure coding and product patterns across engineering

Skills

Key technologies and capabilities for this role

Product SecuritySecure-by-DesignThreat ModelingVulnerability ManagementSASTDASTSCAPenetration TestingBug BountyCI/CDCode ReviewArchitecture ReviewDesign ReviewThird-Party Risk

Questions & Answers

Common questions about this position

What experience is required for the Director, Product Security role?

Candidates need 5–7 years of experience in software development or engineering roles, including 2–3 years in a leadership role, plus 5–7 years in application/product security with emphasis on secure software development, code analysis, and vulnerability management.

What technical skills are needed for this position?

Proficiency in at least one major language such as C#, Java, Python, or Ruby is required, along with strong knowledge of secure design principles like threat modeling, least privilege, cryptography, and common vulnerabilities such as CWE Top 25 and OWASP Top 10.

What is the salary or compensation for this role?

This information is not specified in the job description.

Is this a remote position or what is the location policy?

This information is not specified in the job description.

What makes a strong candidate for this Director, Product Security role?

A strong candidate thrives on staying ahead of emerging threats, can handle details in code reviews and scale secure development across teams, and has experience leading security programs with a focus on automation, threat modeling, vulnerability management, and communication skills.

Bonterra

Technology solutions for social impact organizations

Website

About Bonterra

Bonterra provides technology solutions aimed at helping organizations focused on social good, such as nonprofits and public sector entities, operate more efficiently. Their products include software for managing donations, tracking impact, and coordinating volunteer efforts, which streamline operations and enhance fundraising capabilities. Bonterra stands out from competitors by specifically targeting the social impact sector and aligning its success with that of its clients through a business model based on subscription fees and transaction fees on donations. The company's goal is to empower organizations to maximize their efforts in creating positive social change, as evidenced by their impact of facilitating $7.4 billion in donations to 225,000 nonprofits in 2021.

Austin, TexasHeadquarters
2023Year Founded
VENTURE_UNKNOWNCompany Stage
Consulting, Social ImpactIndustries
1,001-5,000Employees

Benefits

Generous Flexible Time Off
Paid Holidays
Paid Volunteer Time
Paid Parental Leave
Paid Sick Leave
Health Insurance
Vision Insurance
Dental Insurance
Life Insurance
Resources for savings and investments
Opportunities to learn, develop, network, and connect

Risks

Competition from established players like Blackbaud and Salesforce.org is intense.
Potential integration challenges from recent acquisitions could disrupt operations.
Dependence on partnerships like iWave may pose risks if synergies aren't realized.

Differentiation

Bonterra offers a comprehensive suite of tools for nonprofits and social good organizations.
The company focuses on empowering social impact initiatives with advanced technology solutions.
Bonterra's acquisition of DonorDrive enhances its digital fundraising capabilities.

Upsides

Growing demand for digital transformation in nonprofits boosts Bonterra's market potential.
Integration of AI in fundraising software enhances donor engagement and campaign effectiveness.
Bonterra's expansion into employee engagement solutions broadens its market reach.

Related Jobs

United States
Remote iconRemote

Senior Director, Product Security

1Password
Salary not specified
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)
Washington
Remote iconRemote

Chief Information Security Officer (CISO), Workday Government

Workday
Salary not specified
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)
Remote
Remote iconRemote

Director of Security

KoBold Metals
Salary not specified
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)
United States
Remote iconRemote

Sr. Engineer - Product Security (Remote)

Crowdstrike
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
United States
Remote iconRemote

VP, Product Management - Risk Stratification (Remote)

Aledade
Salary not specified
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years)
United States
Remote iconRemote

Head of Security Engineering

Bastion
$240,000 - $300,000/year
  • Employment type iconFull Time
  • Experience level iconExpert & Leadership (9+ years), Senior (5 to 8 years)
United States
Remote iconRemote

Director of Risk

Alpaca
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)

Land your dream remote job 3x faster with AI

Try Jobo Free