Senior Technical Program Manager, Security

At Webflow, we’re building the world’s leading AI-native Digital Experience Platform, and we’re doing it as a remote-first company built on trust, transparency, and a whole lot of creativity. This work takes grit, because we move fast, without ever sacrificing craft or quality. Our mission is to bring development superpowers to everyone. From entrepreneurs launching their first idea to global enterprises scaling their digital presence, we empower teams to design, launch, and optimize for the web without barriers. We believe the future of the web, and work, is more open, more creative, and more equitable. And we’re here to build it together.

We recently announced that we're opening an office in Buenos Aires, and this role will be one of the first members of the team. Not ready to apply, or not seeing the right role yet? Sign up here to hear about future opportunities and events with the Webflow team in Argentina.

About the Role

We’re looking for a Security Technical Program Manager (TPM) to lead Webflow’s Security  program and drive collaboration across different teams in Webflow and Security.

This role blends technical understanding with program leadership — ensuring key projects across information security, across the spectrum of security operations, application security, compliance and specifically vulnerability management.  You should have experience with vulnerabilities to ensure they are identified, tracked, triaged, prioritized, and remediated efficiently. You’ll build strong relationships with Application Security, Security Operations, Product, Engineering, Trust & Safety and IT teams to strengthen Webflow’s security posture and operational maturity.

• Location: Remote-first (United States; BC & ON, Canada; Argentina)
• Type: Full-time
• Exempt
• The cash compensation for this role is tailored to align with the cost of labor in different geographic markets. We've structured the base pay ranges for this role into zones for our geographic markets, and the specific base pay within the range will be determined by the candidate’s geographic location, job-related experience, knowledge, qualifications, and skills.
  • United States (all figures cited below are in USD and pertain to workers in the United States)
    • Zone A: $145,000 - $217,000
    • Zone B: $137,000 - $204,000
    • Zone C: $128,000 - $191,000
  • Canada (figures cited below are in CAD and pertain to workers in ON & BC, Canada)
    • $165,000 - $246,000
• Application Information:
  • Application deadline: applications accepted on an ongoing basis until position is closed and filled
  • This posting is for a new position.

As the Security TPM, you will own and coordinate initiatives that scale Webflow’s security processes, reduce risk and better manage Webflow’s attack surface. Your responsibilities will span from direct program ownership to broader cross-team enablement.

• Coordinate security-wide planning across teams — tracking dependencies, aligning on priorities, and maintaining roadmap visibility.
• Lead the end-to-end Vulnerability Management lifecycle, from discovery to remediation.
• Manage stakeholder communication, and cross-functional alignment. Partner with Engineering to ensure vulnerability ownership, ticket quality, and remediation clarity.
• Experience with AI tooling and workflow automation to better drive efficiency.
• Maintain and improve Jira workflows for vulnerability and security ticketing.
• Develop and publish vulnerability metrics and dashboards for visibility and accountability.
• Identify and resolve process bottlenecks; drive continuous improvement in the vulnerability lifecycle.
• Collaborate with SMEs in AppSec and SecDevOps to maintain full scanning and tooling coverage (e.g., Socket, container scanning, SCA).
• Maintain VM documentation, operating procedures, and readiness for audits (SOC 2, ISO 27001, ISO 42001).&l