Sonatype

Senior Product Manager

Reposted 8 Days Ago

Be an Early Applicant

Hiring Remotely in Colombia

Remote

Senior level

Software • Cybersecurity

Sonatype is the software supply chain management company.

The Role

The Senior Product Manager will lead product strategy for Sonatype's software supply chain security, collaborate with teams, and drive product adoption based on customer insights.

Summary Generated by Built In

Sonatype is the software supply chain security company. We provide the world’s best end-to-end software supply chain security solution, combining the only proactive protection against malicious open source, the only enterprise grade SBOM management and the leading open source dependency management platform. This empowers enterprises to create and maintain secure, quality, and innovative software at scale.

As founders of Nexus Repository and stewards of Maven Central, the world’s largest repository of Java open-source software, we are software pioneers and our open source expertise is unmatched. We empower innovation with an unparalleled commitment to build faster, safer software and harness AI and data intelligence to mitigate risk, maximize efficiencies, and drive powerful software development.

More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on Sonatype to optimize their software supply chains.

At Sonatype, we empower developers and enterprises to innovate securely with open source. Our products sit at the heart of modern software supply chains — protecting millions of developers and organizations from risk while accelerating the pace of innovation. As a Senior Product Manager, you’ll play a critical role in advancing the state of the art in open source security, helping teams build trust in every component they use.

What you will do

Lead product strategy and execution for a core part of Sonatype’s software supply chain security portfolio.
Define and deliver capabilities that help organizations identify and prevent open source malware and supply chain attacks before they impact production.
Partner closely with engineering, data science, and design teams to translate vision into impactful, customer-focused outcomes.
Collaborate with customers, field teams, and industry experts to deeply understand developer workflows and the evolving threat landscape.
Shape the roadmap to improve how developers discover, evaluate, and secure open source components at scale.
Use data and customer feedback to make informed decisions that drive product adoption, user satisfaction, and measurable security outcomes.

What you will bring

A proven track record of leading product strategy and delivery for complex SaaS or developer-facing platforms.
Experience working with technical domains such as application security, DevSecOps, or developer tooling.
Strong analytical skills, with the ability to balance customer insight, business value, and technical feasibility.
Excellent communication and collaboration skills — you can rally teams around a shared vision and deliver results.
A passion for improving how software is built, secured, and delivered.

Why you should apply

This is an opportunity to shape technology that’s protecting the open source ecosystem at global scale. You’ll work with some of the brightest minds in software supply chain security and influence how thousands of development teams defend against emerging threats. If you’re driven by impact, enjoy tackling complex technical challenges, and want to help build the future of secure software development, we’d love to talk.

Things we are proud of

2025 Visionary in Gartner® Magic Quadrant™ for Application Security Testing
2025 AI Compliance Solution of the Year - AI Breakthrough Awards
2025 DEVIES Award to our SBOM Manager new product for its innovation and impact in developer technology
2024 Industry Leader in Forrester-Wave for Software Composition Analysis (2024 Q4 report)
Constellation AST Shortlist: Sonatype has been listed on the Constellation ShortList™ for Application Security Testing for 2024
Data Breakthrough Awards: Sonatype was announced as a 2024 winner in the "Open Source Data Solution of the Year"
Fast Company Best Workplaces for Innovators 2024
The Herd Top 100 Private Software Companies 2024
Company Wellness Week - We shut down company operations for a week to enable all employees to spend time pursuing personal growth and enjoying much needed and deserved rest.
Diversity & Inclusion Working Groups
Parental Leave Policy
Paid Volunteer Time Off (VTO)

At Sonatype, we value diversity and inclusivity. We offer perks such as parental leave, diversity and inclusion working groups, and flexible working practices to allow our employees to show up as their whole selves. We are an equal-opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. If you have a disability or special need that requires accommodation, please do not hesitate to let us know.

Top Skills

Application Security

Developer Tooling

Devsecops

SaaS

View all jobs at Sonatype

View Sonatype Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: Fulton, MD

600 Employees

Year Founded: 2008

What We Do

The Sonatype journey started almost 15 years ago, just as the concept of “open source” software development was gaining steam. From our humble beginning as core contributors to Apache Maven, to supporting the world’s largest repository of open source components (Central), to distributing the world's most popular repository manager (Nexus), we’ve played a meaningful role in helping the world embrace the power of open innovation.

We empower developers and security professionals with intelligent tools to innovate more securely at scale. Our platform addresses every element of an organization’s entire software development life cycle, including third-party open source code, first-party source code, and containerized code. Sonatype identifies critical security vulnerabilities and code quality issues and reports results directly to developers when they can most effectively fix them. This helps organizations develop consistently high-quality, secure software which fully meets their business needs and those of their end-customers and partners. More than 2,000 organizations, including 70% of the Fortune 100, and 15 million software developers rely on our tools and guidance to help them deliver and maintain exceptional and secure software.

Why Work With Us

We're on a mission to change how the world innovates by making software development easier. Already used by 15 million developers, we have lofty goals for our technology to be in the hands of every engineering team. And, we need you to do that. Join us!