AST Technical PM - Application Security

We are looking for a technical PM with a Security Researcher background and strong technical depth and product instincts to join our Platform & AST group at Cycode. This role sits between Research, Product, and Engineering, helping us explore new detection techniques, prototype capabilities, and push the boundaries of our SAST and AST engines.

We’re looking for someone who can deep dive technically, run experiments, build PoCs quickly, and work closely with R&D to evaluate options and shape our direction. This is an ideal opportunity to kickstart your career as part of a Product team while keeping a very hands-on approach.

What You’ll Work On

Technical & Product Research

• Explore new static analysis approaches, parsing techniques, and AST improvements.
• Deep dive into languages, compilers, frameworks and how they map to our SAST/AST engine.
• Identify opportunities to improve precision, performance, data flow, variable resolution, and cross-file logic.
• Investigate emerging languages, frameworks specificity and new code vulnerability patterns.
• Understand how modern development ecosystems affect scanning and detection.
• Evaluate where AI can assist in tasks like rule generation or semantic reasoning.

Hands-On Prototyping

• Build quick PoCs to validate feasibility, uncover limitations early, and demonstrate new capabilities.
• Experiment with both static and light AI-assisted techniques when relevant.
• Produce prototypes that help engineering decide what to build next.

Product Management

• Own and drive the SAST roadmap, from research and prioritization to definition and handoff.
• Write clear requirements, problem statements, and PRDs grounded in technical understanding.
• Evaluate feature requests, customer asks, and internal proposals by assessing feasibility and impact.
• Collaborate with Engineering Team Lead to plan deliverables, sequence work, and ensure alignment with company goals.
• Help shape long-term SAST strategy based on research findings, customer patterns, and industry trends.
• Support other PMs across the platform team with deep technical context on languages, static analysis, and detection architecture.

Collaboration with R&D and Research Group

• Work closely with engineers to transition research prototypes into real features.
• Partner with our AI and Research team.
• Help compare technical tradeoffs, explore alternative designs, and push boundaries in AST and detection architecture.

Internal Enablement

• Document research findings clearly and share results across engineering, product, and leadership.
• Support advanced evaluations or customer conversations that require technical depth.

Requirements

• Strong development and research background with the ability to prototype fast.
• Experience in application security, AST, or developer tooling.
• Curiosity and willingness to explore AI-assisted approaches (no ML expertise required).
• Ability to dive deep into programming languages, AST engines, and code analysis frameworks.
• Autonomous, curious, able to work in unstructured environments.
• Strong communication skills and the ability to explain complex topics simply.

Nice to Have

• Experience with static analysis, compilers, tree-sitter, linters, or other code analysis tools.
• Basic exposure to LLMs or AI-driven code tools (embeddings, prompting, code reasoning).
• Understanding of CFG, data flow, reachability, or semantic analysis.