Emanuel Boderash
Building secure products at enterprise scale — with the instincts of an engineer, the discipline of a PM, and the perspective of someone who has seen the world up close.
Security-minded PM.
Engineer at heart.
I’m Emanuel — a Product Manager in Application Security at American Express, where I own the roadmap for 16 security products spanning DAST, MAST, SAST, SCA, and API security. I came up as an engineer: five years building Python applications, containerized tooling, and the enterprise Slack automation that became one of the top 3 bots at AmEx. That background means I can hold the user story and the system architecture in the same thought — and bridge the gap between what security teams need and what developers will actually adopt.
Outside work, I’ve traveled to 51 countries and spent six months in Ukraine during the full-scale invasion doing humanitarian work, including missions near the frontlines. That kind of experience changes how you think about risk, tradeoffs, and what really matters. I write about it on Substack and film on YouTube.
Where I’ve worked.
- Define the product vision, milestones, and roadmaps for 16 products spanning all of application security — DAST, MAST, SAST, SCA, and API security
- Driving security architecture and enterprise rollout of SAST & SCA pipeline gating — defining vulnerability policy thresholds and aligning engineering teams on adoption at scale
- Manage initiative for sustainable container vulnerability remediation using Moderne AI for AI-powered code rewrites across the enterprise, coordinating with VP-level stakeholders
- Left corporate life to pursue a long-held goal: travel the world. Visited 51 countries across five continents — from Amsterdam through Eastern Europe, the Middle East, Southeast Asia, and onward to Japan
- Spent six months in Ukraine during the full-scale Russian invasion doing humanitarian work — including missions near the frontlines in the Kharkiv region, documenting the war and supporting aid efforts on the ground
- Product Owner for open-source vulnerability management program using Agile methodologies
- Built async chatbot for the enterprise developer community — became a top 3 Slack bot in the enterprise — deployed with Docker & Kubernetes
- Deployed Django web application to production on OpenShift enterprise cloud, utilizing Docker, Kubernetes, NGINX, PostgreSQL, Redis, Kafka, Vault, and Okta SSO
- Containerized 20+ Python applications in multi-stage Docker builds for reliable, scheduled API ingestion from vendor security tools into Splunk
Adventures & Stories.
When I’m not shipping security products, I’m documenting life across borders — through photography, writing, and video.
Credentials.
“Emanuel had strong leadership and commitment to our open source governance program. This includes rolling out multiple enhancements to our Slack Bot — a top 3 bot in the enterprise — to drive automation, self-service, and operational insight for developers. In partnership with Enterprise Cloud Platform, this supports regular data refreshes for open source security data, reducing application risk and supply chain attacks.”