Senior/Staff Product Manager, Offense

Horizon3.ai is a fast-growing, cybersecurity company dedicated to the mission of enabling organizations to proactively find, fix, and verify exploitable attack vectors before criminals exploit them. Our flagship NodeZero platform delivers production-safe autonomous pentests and other key assessment operations that scale across the largest internal, external, cloud, and hybrid cloud environments - serving organizations ranging from educational institutions to Global 100 enterprises.

We are a team of learn-it-alls who love building awesome products, with backgrounds spanning technology startups, Fortune 500 companies, and military service. We value entrepreneurial spirit, collaboration, and solving tough problems that keep organizations ahead of attackers.

We are looking for a Senior or Staff Product Manager to join our Proactive Offense product group. This team is responsible for every pentest operation type that makes NodeZero the most powerful proactive security platform on the market.

You will own one or more offensive product areas (e.g., External Pentesting) end-to-end: defining what NodeZero attacks, how it attacks, and how it communicates consequences and business risk to defenders. You will work directly with engineering managers and a world-class team of offensive security engineers to ship capabilities that emulate real attacker behavior.

This role is ideal for someone who is energized by the attacker's perspective, thrives in a fast-moving environment, and wants to shape how AI-powered offensive security evolves. You will join a product team that operates with high autonomy, moves fast, and has direct access to company leadership and customers.

• Own the product roadmap for your offensive product area(s), from discovery through launch and iteration, balancing customer impact, technical feasibility, and business value

• Define attack capabilities in collaboration with offensive security engineers, translating attacker techniques (CVE exploitation, credential pilfering, lateral movement, privilege escalation) into product requirements

• Drive consequence-first thinking: ensure NodeZero doesn't just find vulnerabilities but demonstrates the blast radius and business impact of every attack path

• Partner with Engineering leadership to align priorities, manage trade-offs, and ship on aggressive timelines

• Engage directly with customers and prospects - including SecOps practitioners and CISOs - to deeply understand how they use NodeZero and where it needs to go next

• Collaborate cross-functionally with security research, sales engineering, marketing, and customer success to support launches, competitive positioning, and commercial deals

• Define and track success metrics around attack path coverage, op completion rates, time to first finding, and customer adoption

• Contribute to product strategy alongside the Sr. Manager of Proactive Offense and VP of Product, shaping how Horizon3.ai extends its autonomous offensive capabilities

• 5+ years of Product Management experience delivering technical SaaS products

• Deep interest in or experience with cybersecurity, offensive security, or penetration testing. You don't need to be a pentester, but you need to be able to think like one.

• Demonstrated ability to ship complex, technically deep features in collaboration with engineering teams that build systems, not just UIs

• Strong cross-functional leadership - you can drive alignment across engineering, security research, sales, and executive stakeholders without positional authority

• Customer obsession - you've spent real time with users, turned their pain into product decisions, and can articulate the "so what" of every capability

• Clear, concise communication - you can translate deeply technical concepts for business audiences and translate business objectives for engineers

• Comfort with ambiguity and speed - we are building a category; the roadmap changes, scope shifts, and the best PMs here thrive on that

• Experience in Agile environments with modern product management tooling

• Background in cybersecurity, networking, cloud infrastructure, or adjacent technical domains

• Familiarity with offensive security concepts: attack chains, CVEs/CWEs, OWASP Top 10

• Experience building products for technical practitioners (security engineers, IT ops)

• Bachelor's degree in Computer Science, Engineering, or related field; advanced degree in engineering or business is a plus

• San Francisco Preferred, NYC, DC available - will be onsite 1 day a week

This job may require up to 25% of travel (customer visits, team offsites, conferences) within the assigned territory to be successful. Job-related travel expenses are reviewed and must be approved by your manager.

NodeZero is the only AI-powered proactive security platform proven in production at enterprise scale. We don't scan for vulnerabilities - we exploit them safely, show the blast radius, and help defenders fix what actually matters. You will be building products that fundamentally change how organizations defend themselves, alongside a team that takes the mission seriously and has fun doing it.

Perks of Horizon3.ai

• Inclusive Team: We value diversity and promote an inclusive culture where everyone can thrive.

• Growth Opportunities: Be part of a dynamic and growing team with numerous career development opportunities.

• Innovative Culture: Work in a collaborative environment that encourages creativity and out-of-the-box thinking.

• Competitive Compensation: We offer competitive salary, equity and benefits. Our benefits include health, vision & dental insurance for you and your family, a flexible vacation policy, and generous parental leave.

Compensation and Values

At Horizon3, we believe that our people are our greatest asset, and our compensation philosophy reflects this core value. We are committed to fostering an environment where all employees feel valued, respected, and rewarded for their contributions. Our compensation structure is designed to be fair, competitive, and transparent, ensuring that every team member is recognized and compensated equitably across roles, levels, and locations.

In accordance with various State’s transparency regulations, we provide the following salary range information for this position:

• Base salary range: $175,000 - $260,000 annually. The exact salary will be determined based on the selected candidate’s location, qualifications, experience, and relevant skills.

• Additional compensation: All full-time roles are eligible for an equity package in the form of stock options.

You Belong Here

Horizon3 is not just an equal opportunity employer - we are a community that values diversity, equity, and inclusion as fundamental principles of our culture and success. We are dedicated to fostering a workplace where everyone feels welcome and respected, regardless of race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, hair length or any other legally protected status by law.

Our commitment to diversity and inclusion means we strive to attract, develop, and retain a workforce that reflects the varied communities we serve. We believe that diverse perspectives drive innovation and strengthen our ability to create cutting-edge cybersecurity solutions. At Horizon3, every team member is valued and supported in an environment that encourages personal and professional growth.

We welcome candidates from all backgrounds and experiences, and we encourage all qualified individuals to apply. Come be a part of Horizon3, where your unique contributions are recognized, and your potential is limitless.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities, and activities may change at any time with or without notice. 

Application Note

In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.