Senior Technical Program Manager, Security

About Webflow

Webflow is a Website Experience Platform (WXP) that empowers marketers, designers, and developers to visually build, manage, and optimize stunning websites that deliver enterprise-grade performance and AI-driven personalized experiences. 

Unlike traditional platforms that create siloes between teams, Webflow’s Website Experience Platform (WXP) brings marketers, designers, and developers together in a shared environment – equipping each with the tools they need to collaborate, execute at scale, and drive results through visual, composable CMS and AI-powered optimization. 

With AI-driven personalization and analytics, Webflow not only enhances visitor engagement but also significantly boosts conversion rates, directly impacting business growth.

Today, over 300,000 of the best companies in the world – from The New York Times, Dropbox, Monday.com, TED, Orangetheory Fitness, and Checkout.com – use Webflow to build, manage, and optimize their websites.

 

About the Role

We’re looking for a Security Technical Program Manager (TPM) to lead Webflow’s Security  program and drive collaboration across different teams in Webflow and Security.

This role blends technical understanding with program leadership — ensuring key projects across information security, across the spectrum of security operations, application security, compliance and specifically vulnerability management.  You should have experience with vulnerabilities to ensure they are identified, tracked, triaged, prioritized, and remediated efficiently. You’ll build strong relationships with Application Security, Security Operations, Product, Engineering, Trust & Safety and IT teams to strengthen Webflow’s security posture and operational maturity.

• Location: Argentina (Remote) 
• Type: Full-time

As the Security TPM, you will own and coordinate initiatives that scale Webflow’s security processes, reduce risk and better manage Webflow’s attack surface. Your responsibilities will span from direct program ownership to broader cross-team enablement.

• Coordinate security-wide planning across teams — tracking dependencies, aligning on priorities, and maintaining roadmap visibility.
• Lead the end-to-end Vulnerability Management lifecycle, from discovery to remediation.
• Manage stakeholder communication, and cross-functional alignment. Partner with Engineering to ensure vulnerability ownership, ticket quality, and remediation clarity.
• Experience with AI tooling and workflow automation to better drive efficiency.
• Maintain and improve Jira workflows for vulnerability and security ticketing.
• Develop and publish vulnerability metrics and dashboards for visibility and accountability.
• Identify and resolve process bottlenecks; drive continuous improvement in the vulnerability lifecycle.
• Collaborate with SMEs in AppSec and SecDevOps to maintain full scanning and tooling coverage (e.g., Socket, container scanning, SCA).
• Maintain VM documentation, operating procedures, and readiness for audits (SOC 2, ISO 27001, ISO 42001).
• Identify opportunities for automation or reporting enhancements that scale VM effectiveness.

About you 

You’ll thrive as a Senior Security TPM if you:

• Have 3-4 years of program or project management experience in technical domains such as security, infrastructure, or DevOps.
• Have experience coordinating cross-functional delivery between engineering, security, and operations teams.
• Are comfortable working with vulnerability management tools and workflows (e.g., Socket, container scanning, SCA, Jira).
• Have strong organizational skills. You can manage timelines, track remediation progress, and maintain clear documentation without losing momentum.
• Communicate clearly and with empathy; you’re proactive about sharing updates, surfacing risks, and keeping teams aligned.
• Understand the importance of balancing speed with security, helping teams make informed tradeoffs that reduce risk without blocking delivery.
• Have experience improving or building processes that make vulnerability management more scalable and predictable.
• Take ownership of your work, follow through on commitments, and escalate blockers early with solutions in mind.
• Thrive in ambiguity. You bring structure and clarity even when priorities shift or data is incomplete.
• Are curious about how security and engineering systems fit together and how to make them stronger.

Nice to Have Experience:

• Exposure to security compliance frameworks such as SOC 2, ISO 27001, or similar audit processes.
• Familiarity with security scanning and reporting tools (Socket, Qualys, or equivalent).
• Experience supporting or coordinating incident response or vulnerability triage workflows.
• Background in SaaS or cloud environments with an understanding of common infrastructure patterns.
• Experience developing dashboards or metrics for vulnerability tracking and remediation progress.
• Prior experience in a fast-paced, remote-first organization or working across distributed teams.

You Are:

• Collaborative: You possess a collaborative spirit, thriving when working with both your immediate team and cross-functional partners.
• Strategic thinker: You're a strategic thinker, adept at defining clear business needs and evaluating solutions to make informed build-versus-buy decisions.
• Comfortable with ambiguity: You navigate ambiguous situations with ease, gathering data and making progress even with incomplete information or unclear requirements.

If you don’t meet 100% of the above qualifications, you should still seriously consider applying. Studies show that you can still be considered for a role if you meet just 50% of the role’s requirements.

Our Core Behaviors:

• Build lasting customer trust. We build trust by taking action that puts customer trust first.
• Win together. We play to win, and we win as one team. Success at Webflow isn't a solo act.
• Reinvent ourselves. We don't just improve what exists, we imagine what's possible.
• Deliver with speed, quality, and craft. We move fast because the moment demands it, and we do so without lowering the bar.

Benefits & wellness

• Equity ownership (RSUs) in a growing, privately-owned company
• 100% employer-paid healthcare, vision, and dental insurance coverage for full-time employees (working 30+ hours per week) and their dependents. Full-time employees may also be eligible for voluntary insurance options where applicable in the respective country of employment
• 12 weeks of paid parental leave for both birthing and non-birthing caregivers, as well as an additional 6-8 weeks of pregnancy disability leave for birthing parents to be used before child bonding leave (note: where local requirements are more generous, employees receive the greater benefit); full-time employees also have access to family planning care and reimbursement
• Flexible PTO for all locations and sabbatical program
• Access to mental wellness and professional coaching, therapy, and Employee Assistance Program
• Monthly stipends to support work and wellness
• 401k plan or pension schemes (in countries where statutorily required), and other financial wellness benefits, like CPA and financial advisor coverage

Temporary employees may be eligible for paid holiday and time off, statutory leaves of absence, and company-sponsored medical benefits depending on their Fixed Term Contract and their country/state of employment.

Remote, together

At Webflow, equality is a core tenet of our culture. We are an Equal Opportunity (EEO)/Veterans/Disabled Employer and are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. Employment decisions are made on the basis of job-related criteria without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by applicable law. Pursuant to the San Francisco Fair Chance Ordinance, Webflow will consider for employment qualified applicants with arrest and conviction records.

Stay connected

Not ready to apply, but want to be part of the Webflow community? Consider following our story on our Webflow Blog, LinkedIn, X (Twitter), and/or Glassdoor. 

Please note:

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Upon interview scheduling, instructions for confidential accommodation requests will be administered.

To join Webflow, you'll need a valid right to work authorization depending on the country of employment.

If you are extended an offer, that offer may be contingent upon your successful completion of a background check, which will be conducted in accordance with applicable laws. We may obtain one or more background screening reports about you, solely for employment purposes.

For information about how Webflow processes your personal information, please review Webflow’s Applicant Privacy Notice.