
Product Manager - Security & Trust (EMEA/AMER)
Job Description
Supabase is the Postgres development platform, built by developers for developers to help them ship countless products that people love. More than 7 million developers trust us with their data, and we are custodians of every byte of it. Security is foundational to that trust, and as we move deeper into AI-native development, regulated industries, and enterprise, it shapes whether a developer chooses us on day one and whether a regulated company can build their most sensitive workloads on Supabase.
About the role
We're looking for a PM who can balance the constant tension between security and developer experience at platform scale. Every control you add is friction a developer has to absorb, and every default you loosen is a door an attacker could walk through. Finding the right balance between protecting customers and keeping them fast is the work of this role.
You'll partner with Security Engineering, Compliance, and the platform teams that own auth, networking, and audit.
This is a remote position and we're open to considering candidates located across EMEA and AMER time zones.
In This Role You Will
Set the security agenda for the platform. Lead Supabase's platform security roadmap end-to-end, from the defaults that protect a developer prototyping their first project to the advanced controls a Fortune 500 CISO needs before approving us.
Hold the line between security and developer experience. Every security feature trades protection against friction. A control that's too strict pushes developers off the platform; one that's too easy to bypass doesn't protect anyone.
Lead our security strategy for AI agents. Agents now read, write, and deploy on behalf of developers and companies, often at machine speed. You'll lead how Supabase authenticates, scopes, and audits agent activity so customers can give them real capability while staying in control of their data.
Own our security product surface. Drive the roadmap for the security tooling customers use to operate safely on Supabase: firewall, security advisors, audit logs, Supabase Vault, just-in-time database access, and the IAM primitives that let regulated customers get to "yes" with their security team.
Define the unified access model across Supabase. Roles, permissions, personal access tokens, OAuth integrations, organization and project modeling, SSO, and SCIM are foundational to how customers manage who can do what. You'll set the strategy that ties them together and drive the cross-cutting RFCs from proposal to shipped code.
Drive the compliance roadmap. Supabase already runs a strong compliance program with SOC2 and HIPAA in place. Your job is to define what comes next so more regulated companies can adopt us.
Be the customer's voice for security. Talk to enterprise prospects, regulated customers, and the security teams behind them. Translate what you hear into a roadmap that earns trust at every customer size, from the indie hacker prototyping their first project to the Fortune 500 CISO evaluating us for their most regulated workloads.
Ship the docs that go with the code. Make the security guides on supabase.com the best in the category: clear, opinionated, and trustworthy enough that a developer evaluating us comes away convinced.
You Might Be a Good Fit If You
Have 7+ years in product management, with serious time on security, identity and access, infrastructure, or developer platform products at a company where security mattered to enterprise buyers.
Have deep working knowledge of the security primitives our customers use, such as authentication, authorization (RBAC, RLS), audit logging, secrets management, and OAuth.
Have a track record of leading cross-functional initiatives across Product, Engineering, Security, GTM, and Compliance, and driving multi-team RFCs from proposal to shipped code.
Are 100% comfortable in a remote, async, write-it-down culture.
Are an exceptional writer. You can draft a customer-facing security disclosure, an internal threat model, a docs page, or a one-pager for a CISO without losing voice or precision.
Nice to have
Compliance fluency. You've worked alongside auditors and security teams on programs like SOC2, HIPAA, ISO 27001, PCI, or FedRAMP, and you can tell which requirements are real customer needs and which are checkbox theater.
Technical depth in Postgres, auth systems, or networking primitives.
Experience designing access models for AI agents or other automated systems.
Shipped security features that enterprise CISOs had to approve before adoption.
What We Offer
Fully Remote
We hire globally. We believe you can do your best work from anywhere. There are no Supabase offices, but we provide a WeWork membership or co-working allowance you can use anywhere in the world.
ESOP
Every team member receives ESOP (equity ownership) in the company. We want everyone to share in the upside of what we’re building together.
Tech Allowance
Use this budget to set up your ideal work environment—laptop, monitor, headphones, or whatever helps you do your best work.
Health Benefits
Supabase covers 100% of health insurance for employees and 80% for dependents, wherever you are. Your wellbeing and your family’s health are important to us.
Annual Off-Sites
Once a year, the entire company gathers in a new city for a week of connection, collaboration, and fun. It’s a highlight of our year.
Flexible Work
We operate asynchronously and trust you to manage your own time. You know what needs to be done and when.
Professional Development
Every team member receives an annual education allowance to spend on learning—courses, books, conferences, or anything that supports your growth.
About the Team
Supabase was born-remote and open-source-first. We believe our globally distributed team is our secret weapon in building tools developers love.
280+ team members
55+ countries
20+ languages spoken
$500M raised
500,000+ community members
We move fast, build in public, and use what we ship. If it’s in your project, we probably use it in ours too. We believe deeply in the open-source ecosystem and strive to support—not replace—existing tools and communities.
Hiring Process
We keep things simple, async-friendly, and respectful of your time:
Apply – Our team will review your application.
Intro Call – A short video chat to get to know each other.
Interviews – Up to four calls with:
Team Leads
Future teammates
Someone cross-functional from product, growth, or engineering (depending on the role)
Someone from our leadership/founding team
Decision – We may follow up with a final question or go straight to offer.
All communication is remote and we aim to move fast.