Escalation Manager – Application Security

Black Duck Software, Inc. helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Black Duck, a recognized pioneer in application security, provides SAST, SCA, and DAST solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Black Duck helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

The Escalation Manager is a senior, customer-critical role responsible for owning and resolving high-impact, complex issues that fall outside standard support processes. This role acts as the central point of coordination between customers, support, engineering, product, and leadership teams. 

In an application security context, the Escalation Manager ensures timely resolution of issues related to vulnerability detection, scanning, CI/CD integrations, and security workflows - while maintaining customer trust, minimizing business impact, and driving systemic improvements across the organization. 

Core Responsibilities

Incident Ownership & Crisis Management

• Take end-to-end ownership of critical escalations (technical, operational, or security-impacting).
• Drive issues from identification through resolution, ensuring accountability across teams.
• Establish urgency, prioritize effectively, and manage multiple concurrent escalations.
• Lead incident bridges, war rooms, and executive updates during critical situations.

Customer Advocacy & Stakeholder Management

• Act as the voice of the customer internally, especially for high-value or at-risk accounts.
• Communicate clearly with both technical and executive stakeholders.
• Set expectations, provide transparent updates, and rebuild customer confidence.
• Manage sensitive situations involving SLAs, security concerns, or production outages.

Cross-Functional Leadership

• Coordinate efforts across Support, Engineering, Product Management, DevOps, and Sales.
• Influence teams without direct authority to ensure timely delivery of fixes and workarounds.
• Align internal priorities with customer impact and business risk.

Technical Oversight (Application Security Focus)

Understand and guide resolution of issues related to: 

• SAST, DAST, SCA, and Container Security tools
• CI/CD pipeline integrations (e.g., Jenkins, GitHub Actions, GitLab)
• Vulnerability scanning, false positives/negatives, and policy enforcement
• Large-scale codebase scanning and performance bottlenecks
• Provide direction on best practices for secure development and scanning strategies.

Root Cause Analysis (RCA) & Problem Management

• Lead detailed RCA efforts for critical incidents.
• Conduct post-mortems and ensure documentation of findings.
• Identify systemic gaps in product, process, or infrastructure.
• Drive preventive actions to reduce recurrence and improve platform reliability.

Process & Operational Excellence

• Define and continuously improve escalation frameworks, playbooks, and runbooks.
• Establish and enforce SLAs, OLAs, and escalation thresholds.
• Optimize triage processes for faster identification and resolution of issues.
• Introduce automation and tooling improvements where applicable.

Reporting, Insights & Continuous Improvement

• Track escalation trends, root causes, and resolution metrics.
• Provide regular reports to leadership highlighting risks, patterns, and opportunities.
• Partner with Product and Engineering to influence roadmap based on customer pain points.
• Contribute to knowledge base, training, and enablement for support teams. 

Risk & Compliance Awareness

• Handle escalations involving security vulnerabilities with appropriate sensitivity.
• Ensure adherence to security best practices, compliance standards, and data privacy requirements.
• Collaborate with security and compliance teams when required. 

Key Qualifications 

• 5–10+ years in Escalation Management, Technical Support, Incident Management, or Customer Success.
• Experience in SaaS, enterprise software, or cybersecurity/application security domains. 
• Strong understanding of: Application Security (SAST, DAST, SCA, Container Security), CI/CD pipelines and DevOps practices,  APIs, microservices, cloud platforms (AWS/Azure/GCP), Debugging complex system and performance issues
• Familiarity with tools such as Jira, Salesforce, Splunk, Kibana, or similar. 
• Exceptional written and verbal communication skills.
• Ability to translate complex technical issues into concise executive-level summaries.
• Experience handling high-pressure customer interactions and escalations. 
• Proven ability to influence cross-functional teams without direct authority.
• Strong problem-solving, decision-making, and prioritization skills.
• High emotional intelligence (EQ) with the ability to manage conflict and build trust.
• Calm, structured, and decisive under pressure. 

Education 

• Bachelor’s degree in Computer Science, Information Technology, Business, or a related field (preferred). 

Success Metrics 

• Reduction in escalation volume and recurrence rate
• Time to resolution (TTR) for critical issues
• Customer satisfaction (CSAT) and retention for escalated accounts
• SLA adherence and incident response effectiveness
• Improvement in product stability and support efficiency 

What Success Looks Like in This Role 

• Customers feel heard, supported, and confident even during critical incidents
• Escalations are resolved efficiently with minimal business impact
• Systemic issues are identified early and prevented proactively
• Strong alignment exists between customer needs and internal execution 

Black Duck considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Black Duck complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Black Duck also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.