What you'd actually do

Own the IAM product vision and roadmap, setting direction for authentication, authorization, user modeling, and ownership frameworks in close partnership with engineering leadership

Drive the User Model split to completion — separating IAM Users (auth/permissions) from Personnel Records (GRC/compliance) in a complex, cross-team data migration with org-wide impact

Define Ownership 3.0 — chart the path from binary object-level ownership to customer-customizable, role-based permissions that serve both startups and large enterprises

Shape Vanta's authorization strategy proactively, ensuring product teams build on shared platform capabilities rather than ad hoc permission solutions

Contribute to multi-tenant access architecture, enabling seamless cross-domain experiences for auditors, MSPs, and multi-workspace enterprise customers

Skills

Required

8-12+ years of product management experience
at least 3-4 years at a Staff/Senior level in platform or infrastructure roles
Enterprise platform PM experience: you've worked on permissions, RBAC, multi-tenancy, or identity systems at scale in B2B SaaS
Systems thinking: you can reason about how authentication, authorization, and identity interconnect and affect every product surface — and explain it simply
Strong cross-functional collaboration: this role touches every team at Vanta and requires building consensus across Product, Engineering, Design, and GTM
Storytelling for technical concepts: you can explain why an authorization architecture decision matters to non-technical stakeholders and translate complex IAM concepts into clear business value
Customer empathy at multiple scales: you understand that a 10-person startup and a federal agency have vastly different permission needs, and can design systems that serve both
Comfort with ambiguity: you've navigated complex platform problems with many open design questions and competing stakeholder needs

Nice to have

Experience with policy engines (Oso, OPA, Cedar) or authorization architecture patterns
Background in GRC, compliance, or security-adjacent products
Familiarity with multi-tenant SaaS architectures

At Vanta, our mission is to help businesses earn and prove trust.** **We believe that security should be monitored and verified continuously, and we empower companies to practice better security and prove it with ease. Vanta has a kind and talented team, and while some have prior security experience, many have been successful at Vanta without it.

The Identity & Access Management (IAM) team builds the foundational identity and permissioning systems that power every Vanta product. As Staff Product Manager for the Identity Platform, you'll own the product vision and roadmap for how Vanta authenticates users, authorizes actions, and models identity across an increasingly complex customer base from 10-person startups to federal agencies. This high-autonomy role shapes how permissions scale as Vanta moves deeper into enterprise and government markets.

What you’ll do as a Staff Product Manager at Vanta:

Own the IAM product vision and roadmap, setting direction for authentication, authorization, user modeling, and ownership frameworks in close partnership with engineering leadership
Drive the User Model split to completion — separating IAM Users (auth/permissions) from Personnel Records (GRC/compliance) in a complex, cross-team data migration with org-wide impact
Define Ownership 3.0 — chart the path from binary object-level ownership to customer-customizable, role-based permissions that serve both startups and large enterprises
Shape Vanta's authorization strategy proactively, ensuring product teams build on shared platform capabilities rather than ad hoc permission solutions
Contribute to multi-tenant access architecture, enabling seamless cross-domain experiences for auditors, MSPs, and multi-workspace enterprise customers
Navigate complex cross-team dependencies across GRC, Trust, Collaboration, and PEX — all of which have authorization needs that this role must harmonize
Partner deeply with engineering and technical domain experts to balance enterprise complexity with comprehensibility for smaller customers
Translate technical IAM concepts into clear business value for leadership, GTM teams, and cross-functional stakeholders
Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact

What You'll Bring:

8-12+ years of product management experience, with at least 3-4 years at a Staff/Senior level in platform or infrastructure roles
Enterprise platform PM experience: you've worked on permissions, RBAC, multi-tenancy, or identity systems at scale in B2B SaaS
Systems thinking: you can reason about how authentication, authorization, and identity interconnect and affect every product surface — and explain it simply
Strong cross-functional collaboration: this role touches every team at Vanta and requires building consensus across Product, Engineering, Design, and GTM
Storytelling for technical concepts: you can explain why an authorization architecture decision matters to non-technical stakeholders and translate complex IAM concepts into clear business value
Customer empathy at multiple scales: you understand that a 10-person startup and a federal agency have vastly different permission needs, and can design systems that serve both
Comfort with ambiguity: you've navigated complex platform problems with many open design questions and competing stakeholder needs

**Nice to have: **

Experience with policy engines (Oso, OPA, Cedar) or authorization architecture patterns
Background in GRC, compliance, or security-adjacent products
Familiarity with multi-tenant SaaS architectures

What you can expect as a Vanta’n:

Industry-competitive salary and equity
Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
16 weeks paid Parental Leave for all new parents
Health & wellness stipend
Remote workspace, internet, and cellphone stipend
Commuter benefits for team members who report to the SF and NYC office
Family planning benefits
Matching 401(k) contribution with immediate vesting
Flexible PTO policy, plus 80 hours of Sick Time
11 company-paid holidays
Virtual team building activities, lunch and learns, and other company-wide events!
Offices in SF, NYC, London, Dublin, Tel Aviv, and Sydney

To provide greater transparency to candidates, we share base pay ranges for all US-based job postings regardless of state. We set standard base pay ranges for all roles based on function, level, and country location, benchmarked against similar-stage growth companies. Final offer amounts are determined by multiple factors and may vary based on candidate location, skills, depth of work experience, and relevant licenses/credentials.

#LI-remote

At Vanta, we are committed to hiring diverse talent of different backgrounds and as such, it is important to us to provide an inclusive work environment for all. We do not discriminate on the basis of race, gender identity, age, religion, sexual orientation, veteran or disability status, or any other protected class. As an equal opportunity employer, we encourage and welcome people of all backgrounds to apply.

About Vanta

We started in 2018, in the wake of several high-profile data breaches. Online security was only becoming more important, but we knew firsthand how hard it could be for fast-growing companies to invest the time and manpower it takes to build a solid security foundation. Vanta was inspired by a vision to restore trust in internet businesses by enabling companies to improve and prove their security. From our early days automating security monitoring for compliance standards like SOC 2, HIPAA and ISO 27001 to creating the world's leading Trust Management Platform, our vision remains unchanged.

Now more than ever, making security continuous—not just a point-in-time check— is essential. Thousands of companies rely on Vanta to build, maintain and demonstrate their trust— all in a way that's real-time and transparent.

Referral Instructions

If you are being referred for the role, please contact that person to apply on your behalf.