Renata
Back to jobs
GitHub

Staff Product Manager, Repository Security and Governance

GitHub
United StatesPosted 1 months ago
Full-timeremote
Apply NowAsk Renata

Job Description

About GitHub

GitHub is the world’s leading platform for agentic software development — powered by Copilot to build, scale, and deliver secure software

Over 180 million developers, including more than 90% of the Fortune 100 companies, use GitHub to collaborate, and more than 77,000 organisations have adopted GitHub Copilot.

Locations

In this role you can work from Remote, United States

Overview

GitHub is changing the way the world builds and secures software, and we want you to help build GitHub! 

 

Millions of developers and companies use GitHub to build, ship, and maintain their software

The way enterprises govern code on that infrastructure, who can change what, under which conditions, and with what oversight, is becoming one of the most consequential surfaces in software. 

 

We're looking for a Staff Product Manager to own the strategy for GitHub's Repository Security and Governance surface

The primitives you ship, including rulesets, custom properties, delegated bypass, rule insights, and policy enforcement, are the enforcement backbone for every enterprise managing thousands of repositories at scale

You will define how repository governance evolves from a collection of discrete controls into a coherent, programmable policy layer that works across organizations, enterprises, and the next generation of agentic developer workflows

In doing so, you will help define the next generation of the secure software factory: how code is produced, governed, and shipped securely when humans and AI agents build side by side. 

 

You'll partner with engineering leaders, security teams, developer relations, and enterprise customers, and work closely with adjacent product areas including GitHub Platform, Advanced Security, Copilot, and Actions to ensure repository policy primitives compose cleanly across the platform. 

GitHub's engineering and product organizations are highly distributed, and we embrace asynchronous communication

We value collaboration, empathy, quality, positive impact, and shipping.


Responsibilities

Strategy & Vision 

  • Own the multi-year strategy for Repository Security and Governance, defining how its primitives evolve into a unified, programmable policy layer for the enterprise. 

  • Articulate a clear point of view on how repository governance must adapt to agentic workflows, where AI agents act as first-class actors alongside humans, and translate that view into platform-level investments. 

  • Serve as the recognized authority on enterprise repository policy across GitHub and Microsoft, influencing senior stakeholders on long-term direction. 

 

Customer & Market Signals 

  • Translate enterprise customer signal, including usage telemetry, support escalations, design-partner input, and ARR exposure, into a clear, defensible investment thesis that shapes the roadmap and resolves prioritization debates with leadership. 

  • Build a durable point of view on the enterprise governance market by maintaining direct relationships with design partners, power users, and security leaders, and by tracking how the competitive and regulatory landscape is evolving. 

  • Identify systemic blockers to enterprise governance adoption, from onboarding friction to scalability, and shape the product investments needed to remove them. 

 

Product Definition & Delivery 

  • Set the bar for what "ready" means at every release stage, defining outcome-based success criteria across private preview, public preview, and GA. 

  • Architect how governance composes across the platform, defining the contracts between Repository Security and adjacent surfaces such as Actions, Advanced Security, and Copilot so policy behaves coherently end to end. 

  • Sequence a portfolio of concurrent initiatives across preview stages, making the trade-offs between scope, quality, and time that keep the program shipping against the strategy. 

 

Go-To-Market & Impact 

  • Define the adoption strategy for new governance capabilities, designing the experiments, design-partner engagements, and motion with field teams that prove value and unlock enterprise scale. 

  • Own the external narrative for repository governance through executive briefings, changelog posts, community discussions, and developer-facing documentation, ensuring the market understands where GitHub is taking this surface. 

  • Define the success metrics that matter for this area, including adoption, retention, and policy coverage, and use that data to hold the strategy accountable rather than defaulting to loudest-voice inputs. 


Qualifications

Required

 

  • 8+ years experience in product, service, project/program management, software development, product design, or related field

    • OR Bachelor's Degree in a related field AND 6+ years of experience in product management, software development, or a related field 

    • OR equivalent experience. 

  • Direct experience with enterprise security, compliance, or governance products (policy enforcement, audit logging, RBAC, supply chain securitythat have scaled to tens of thousands of assets. 

  • Proven experience owning platform or infrastructure products, defining multi-year product strategy, and navigating complex trade-offs with senior executive stakeholders (VP/C-level), while driving cross-organizational collaboration to deliver solutions spanning deeply technical and policy-driven problem spaces.

 

 

Preferred

 

  • Master's degree in Business, Computer Science, or a related field. 

  • 10+ years of experience in product management or related disciplines. 

See Your Match Score

Sign up and Renata will show you how this job matches your skills and experience.

Get Started Free
About GitHub
Website
Staff Product Manager, Repository Security and Governance at GitHub | Renata