Full-Time
Posted on 9/12/2025
Open source risk management and audits
No salary listed
Bengaluru, Karnataka, India
In Person
Black Duck Software helps organizations manage open source risk by offering Software Composition Analysis (SCA) and Open Source Audits. Its products scan software to find security vulnerabilities and license compliance issues in open source components and provide fixes. The Open Source Audits support due diligence for mergers and acquisitions and internal audits. Revenue comes from licenses for the tools plus professional services for audits and consultations. The platform relies on a large database of open source components, vulnerabilities, and licenses to enable fast, accurate analysis. The goal is to help security, development, and legal teams ensure software is secure and legally compliant throughout the software development lifecycle and during M&A.
Company Size
1,001-5,000
Company Stage
Acquired
Total Funding
$652.5M
Headquarters
Burlington, Massachusetts
Founded
2002
Health Insurance
Dental Insurance
Vision Insurance
Flexible Work Hours
Professional Development Budget
Paid Vacation
Black Duck has launched Signal, an AI-powered application security solution designed to secure AI-generated code in autonomous development workflows. The platform uses an agentic AI architecture where specialised agents analyse vulnerabilities, validate exploitability and recommend fixes. Signal is powered by ContextAI, Black Duck's application security model containing over 20 years of security intelligence. This enables the system to assess risk with higher accuracy than solutions built solely on general-purpose AI models. The platform integrates directly into modern software development through model context protocol and APIs that support AI coding assistants and automated pipelines. CEO Jason Schmitt said AI is "actively authoring software", and Signal brings intelligence and governance to that reality. The solution is now generally available and will be showcased at RSA Conference in San Francisco from 23–26 May.
Black Duck has launched enhanced integrations for its Polaris Platform across major source code management systems including GitHub, GitLab, Azure DevOps and Bitbucket. The updates enable automated repository onboarding, continuous monitoring and event-based scanning for enterprises managing thousands of code repositories. The enhancements allow organisations to automatically onboard repositories without manual configuration and trigger scans during pull requests. The platform includes Black Duck Signal for AI-powered security insights and Code Sight, an IDE plugin providing real-time feedback to developers. The integrations support customisable scanning options and automatically synchronise security policies and user access controls across repositories. The features are immediately available to existing customers through Polaris Platform settings, aiming to streamline DevSecOps operations at enterprise scale.
BlueVoyant's new Software Bill of Materials (SBOM) management offering, powered by SBOM leader Manifest, enables organizations to efficiently analyze and reduce third-party risks from commercial software.

NEW YORK, June 3, 2025 /PRNewswire/ -- BlueVoyant, the leader in integrated cybersecurity, today launched its Software Bill of Materials (SBOM) management offering, which helps organizations reduce risk related to software by automating the ingestion, analysis, and tracking of software component information from third-party software vendors. The latest advancements enhance Supply Chain Defense, BlueVoyant's next-generation third-party cyber risk management solution that continuously monitors suppliers, vendors, and other third parties, and then works with them to quickly remediate threats. BlueVoyant's SBOM solution is powered through a partnership with Manifest, a cybersecurity company that specializes in securing software supply chains for corporate and government entities.

More than 85% of applications contain at least one software vulnerability, according to the Open Source Software Risk Analysis (OSSRA) Report. Yet, many organizations lack visibility into software design or an efficient way to assess and manage third-party SBOM information, which can leave them open to breaches, business interruption, and regulatory compliance issues. As a result, organizations are looking for solutions.

By leveraging the BlueVoyant-Manifest SBOM solution, security teams can proactively gain deep insights into software risk exposure and other dependencies that their businesses may rely on.

"By combining Manifest's depth of experience in SBOM with BlueVoyant's holistic Supply Chain Defense, clients get continuous monitoring and remediation to solve their biggest third-party cybersecurity challenges," said Marc Frankel, CEO and co-founder of Manifest.

The key benefits to utilizing SBOM for third-party risk are:

Vendor risk management: Automatically solicit SBOMs from vendors, see intuitive risk levels for vendor products, and incorporate them into comprehensive third-party cyber risk management.

Smarter vulnerability management: Prioritize vulnerabilities quickly, and triage issues to reduce false positives and avoid unnecessary mitigation work.

Open Source Software (OSS) risk management: Create an enterprise-wide inventory of OSS across first- and third-party products, and scan OSS repositories to assess risk before implementing them.

Simplified compliance: Easily demonstrate compliance and provide evidence for international regulations and standards such as R155, Executive Order 14028, Section 524B, the European Cyber Resilience Act, and the EU's NIS2 and DORA.

"Organizations in the private and public sectors are realizing that SBOM visibility is a crucial part of a proactive third-party cyber risk management program," said Joel Molinoff, global head of Supply Chain Defense at BlueVoyant. "By enhancing BlueVoyant's Supply Chain Defense with Manifest's SBOM capabilities, our clients are expanding their risk visibility deeper into the software supply chain and ensuring continuous monitoring and remediation of critical threats."

BlueVoyant's Supply Chain Defense has garnered multiple industry awards
Ishpreet Singh named CIO, joins executive leadership team from Qualys; Bruce Jenkins promoted internally to CISO, further bolstering vision of growth and innovationBURLINGTON, Mass., Dec. 19, 2024 /PRNewswire/ -- Black Duck® Software, Inc. ("Black Duck"), a widely recognized leader in application security, today announced the appointment of Ishpreet Singh as chief information officer (CIO) and Bruce Jenkins as chief information security officer (CISO)
Clearlake Capital and Francisco Partners acquire Black Duck Software for $2.1bn.