Director, Product Security

US Base Salary: $160,000 - $220,000 w/15% annual bonus

Bonterra exists to propel every doer of good to their peak impact. We measure that impact against our vision to increase the giving rate as a percentage of GDP from 2% to 3% by 2033. We know that this goal is lofty, but we are confident that the right technology and expertise will strengthen trust in the sector, allowing the social good industry to accelerate growth and reach peak impact. Bonterra's differentiated, end-to-end solutions collectively support a unique network of over 20,000 customers, including over 16,000 nonprofit organizations and over 50 percent of Fortune 100 companies. Learn more at bonterratech.com.

Do you thrive on staying ahead of emerging application and product security threats? Are you the kind of person who can see both the details in a code review and the big picture of how to scale secure development across dozens of engineering teams? If so, this role is for you. We're looking for a Director, Product Security to lead Bonterra's product security program - ensuring the safety, resilience, and trustworthiness of our SaaS platforms

What You'll Do

• Report directly to the CISO and own the Product Security program across Bonterra's SaaS portfolio.

• Champion secure-by-design practices across the entire software lifecycle - from architecture and design, to CI/CDpipelines, to production monitoring.

• Partner closely with R&D, Product, M&A, and IT leaders to embed security into product decisions, integrations, andinnovation initiatives.

• Build and scale security programs through automation, tooling, and training - not just headcount.

• Define and execute a multi-year roadmap for Product Security that addresses gaps in coverage, staffing, andcapabilities as Bonterra grows.

• Oversee vulnerability management across applications: review findings (SAST, DAST, SCA, penetration tests, bugbounty), assess risk, and drive remediation with engineering partners.

• Lead activities such as:

  • Threat modeling and design reviews

  • Third-party / M&A product security assessments

  • Secure code review and testing

  • Secure open-source and third-party component lifecycle management

  • Centralized tracking, prioritization, and metrics reporting

• Develop meaningful, quantitative metrics that demonstrate product security health, progress, and business value.

• Identify systemic classes of vulnerabilities, design scalable defenses, and evangelize secure coding and productpatterns across engineering.

Requirements

• 5-7 years of experience in software development or engineering roles, including 2-3 years in a leadership role.

• Proficiency in at least one major language (C#, Java, Python, Ruby, etc.).

• 5-7 years of experience in application/product security with emphasis on secure software development, code

• analysis, and vulnerability management.

• Strong knowledge of secure design principles (e.g., threat modeling, least privilege, cryptography) and commonsoftware vulnerabilities (e.g., CWE Top 25, OWASP Top 10).

• Excellent written and verbal communication skills; able to translate complex technical topics for both engineers andexecutives.

• Demonstrated ability to make pragmatic risk-based decisions and prioritize effectively in a fast-movingenvironment.

What Sets You Apart

• Experience securing cloud-native applications (AWS, Azure, GCP).

• Experience embedding security in M&A due diligence and product integrations.

• Track record of scaling security programs through automation, developer tooling, and guardrails.

• Familiarity with security and compliance frameworks (NIST, ISO, SOC 2, PCI DSS, CIS Controls).

• Experience influencing product roadmaps, customer assurance, and security-as-a-feature discussions

At Bonterra, we're building AI-powered tools to solve real human challenges-and we want teammates who share that enthusiasm.We value people who will champion AI and bring diverse perspectives from different industries, backgrounds, and cultures. Together, we create AI that breaks down barriers, empowers communities, and delivers better outcomes.

At this time, we are unable to consider candidates who require current or future sponsorship for employment authorization.

____________________________________________________________________________________

At Bonterra, we're innovating with a higher purpose: to increase giving to 3% of US GDP by 2033, creating $573 billion more in global impact every year. At Bonterra, we foster an inclusive, equitable culture where every team member belongs and contributes to meaningful impact. Read more about our values and culture here.

We offer a comprehensive benefits package that supports your health, well-being and growth - explore full details here.

Compensation and benefits for this role apply to full-time employees in the United States and may vary based on local standards, laws and norms. Pay is determined by location, skills, experience, and education, and is one part of Bonterra's total rewards package, which may also include bonuses, incentives, equity, and a comprehensive benefits program.

____________________________________________________________________________________

At Bonterra, we are proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We provide equal employment opportunities without regard to race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, veteran status, or any other characteristic protected by law.

If you require a reasonable accommodation during the application process, please submit a request.