[Hiring] Staff Product Manager, Repository Security and Governance @GitHub, Inc.

Role Description

GitHub is changing the way the world builds and secures software, and we want you to help build GitHub! Millions of developers and companies use GitHub to build, ship, and maintain their software. The way enterprises govern code on that infrastructure is becoming one of the most consequential surfaces in software.

We're looking for a Staff Product Manager to own the strategy for GitHub's Repository Security and Governance surface. The primitives you ship, including rulesets, custom properties, delegated bypass, rule insights, and policy enforcement, are the enforcement backbone for every enterprise managing thousands of repositories at scale.

You will define how repository governance evolves from a collection of discrete controls into a coherent, programmable policy layer that works across organizations, enterprises, and the next generation of agentic developer workflows.

You'll partner with engineering leaders, security teams, developer relations, and enterprise customers, and work closely with adjacent product areas including GitHub Platform, Advanced Security, Copilot, and Actions to ensure repository policy primitives compose cleanly across the platform.

GitHub's engineering and product organizations are highly distributed, and we embrace asynchronous communication. We value collaboration, empathy, quality, positive impact, and shipping.

Responsibilities

• Strategy & Vision:
  • Own the multi-year strategy for Repository Security and Governance, defining how its primitives evolve into a unified, programmable policy layer for the enterprise.
  • Articulate a clear point of view on how repository governance must adapt to agentic workflows, where AI agents act as first-class actors alongside humans, and translate that view into platform-level investments.
  • Serve as the recognized authority on enterprise repository policy across GitHub and Microsoft, influencing senior stakeholders on long-term direction.
• Customer & Market Signals:
  • Translate enterprise customer signal, including usage telemetry, support escalations, design-partner input, and ARR exposure, into a clear, defensible investment thesis that shapes the roadmap and resolves prioritization debates with leadership.
  • Build a durable point of view on the enterprise governance market by maintaining direct relationships with design partners, power users, and security leaders, and by tracking how the competitive and regulatory landscape is evolving.
  • Identify systemic blockers to enterprise governance adoption, from onboarding friction to scalability, and shape the product investments needed to remove them.
• Product Definition & Delivery:
  • Set the bar for what "ready" means at every release stage, defining outcome-based success criteria across private preview, public preview, and GA.
  • Architect how governance composes across the platform, defining the contracts between Repository Security and adjacent surfaces such as Actions, Advanced Security, and Copilot so policy behaves coherently end to end.
  • Sequence a portfolio of concurrent initiatives across preview stages, making the trade-offs between scope, quality, and time that keep the program shipping against the strategy.
• Go-To-Market & Impact:
  • Define the adoption strategy for new governance capabilities, designing the experiments, design-partner engagements, and motion with field teams that prove value and unlock enterprise scale.
  • Own the external narrative for repository governance through executive briefings, changelog posts, community discussions, and developer-facing documentation, ensuring the market understands where GitHub is taking this surface.
  • Define the success metrics that matter for this area, including adoption, retention, and policy coverage, and use that data to hold the strategy accountable rather than defaulting to loudest-voice inputs.

Qualifications

• 8+ years experience in product, service, project/program management, software development, product design, or related field OR Bachelor's Degree in a related field AND 6+ years of experience in product management, software development, or a related field OR equivalent experience.
• Direct experience with enterprise security, compliance, or governance products (policy enforcement, audit logging, RBAC, supply chain security) that have scaled to tens of thousands of assets.
• Proven experience owning platform or infrastructure products, defining multi-year product strategy, and navigating complex trade-offs with senior executive stakeholders (VP/C-level), while driving cross-organizational collaboration to deliver solutions spanning deeply technical and policy-driven problem spaces.

Preferred Qualifications

• Master's degree in Business, Computer Science, or a related field.
• 10+ years of experience in product management or related disciplines.
• Familiarity with Git-based repository workflows, branch strategies, and the developer pain points governance tooling must avoid creating.
• Proven cross-functional track record partnering with Engineering, Security, Finance, Customer Success, and Business Systems.
• Strong ownership and senior-IC leadership: guiding cross-functional teams without direct authority and delivering across a portfolio of concurrent initiatives.

Compensation Range

The base salary range for this job is USD $140,400.00 - USD $372,300.00 /Yr. These pay ranges are intended to cover roles based across the United States. An individual's base pay depends on various factors including geographical location and review of experience, knowledge, skills, abilities of the applicant. At GitHub certain roles are eligible for benefits and additional rewards, including annual bonus and stock. These rewards are allocated based on individual impact in role. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee's role.

GitHub Values

• Customer-obsessed
• Ship to learn
• Growth mindset
• Own the outcome
• Better together
• Diverse and inclusive
• Manager fundamentals: Model, Coach, Care
• Leadership principles: Create clarity, Generate energy, Deliver success

EEO Statement

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!