Product management in cybersecurity isn't what most people imagine. There's no single project to shepherd from start to finish, no linear path from conception to launch. Instead, it's a constant exercise in strategic prioritization across dozens of simultaneous initiatives, where the ability to context-switch while maintaining a coherent vision separates effective PMs from overwhelmed ones.
Kyle Kohler, Senior Product Manager for Integrations at Recorded Future, describes his role using an unconventional metaphor: arsonist, firefighter, and educator. While the comparison might seem dramatic, it captures something fundamental about product management in the threat intelligence space that traditional job descriptions miss entirely.
The Reality of Multi-Domain Product Management
Recorded Future operates as the world's largest threat intelligence provider, spanning geopolitical intelligence, cyber threat data, and payment fraud detection. This breadth creates a unique challenge for product managers: they must maintain expertise across multiple domains while understanding how changes in one area ripple through others.
The "arsonist" aspect of Kohler's role involves strategic fire-starting—deliberately creating urgency around specific initiatives. This isn't about chaos; it's about resource allocation in an environment where everything seems urgent. Which team needs pressure to move faster? Which initiative deserves more attention? The skill lies in knowing which fires to stoke and which to let burn at a lower intensity.
Simultaneously, the "firefighter" role addresses incoming issues: customer escalations, cross-team dependencies, and unexpected technical challenges. Product managers in this space must triage constantly, determining which fires demand immediate attention and which can wait. This dual responsibility—creating strategic urgency while managing tactical crises—defines the modern PM role in complex B2B environments.
What Threat Intelligence Product Management Actually Entails
The technical scope is substantial. Threat intelligence platforms process massive data volumes from global sources, then distill that information into actionable insights. A product manager in this space needs to understand not just the technical architecture, but also the operational workflows of security teams, the geopolitical context of emerging threats, and the business logic of fraud detection systems.
Kohler's typical day begins with 10-12 Slack messages from colleagues across different time zones—a reality for any PM working in a global organization. These aren't casual check-ins; they're decision points that can unblock entire teams or redirect strategic initiatives. The ability to quickly assess which questions require immediate responses versus which can be batched for later determines whether a PM becomes a bottleneck or an accelerator.
The "educator" component involves scaling decision-making beyond a single person. Effective PMs teach other team members how to start their own strategic initiatives and resolve their own challenges. This knowledge transfer is critical in fast-moving security environments where waiting for PM approval on every decision would paralyze progress.
Why Intelligence Platforms Demand Different PM Skills
Traditional product management often focuses on user experience optimization or feature development within a defined product scope. Intelligence platforms require something different: the ability to think about data pipelines, integration architectures, and how information flows between systems while simultaneously understanding the end-user's operational context.
When Kohler mentions "lateral thinking" and tracking "how this thing affects that thing," he's describing systems thinking at scale. A change to an API integration might affect how geopolitical intelligence feeds into a customer's security operations center, which could impact their incident response times, which ultimately affects their security posture. Product managers must trace these connections without getting lost in complexity.
The integration strategy role specifically sits at a critical juncture. Threat intelligence only delivers value when it flows into the tools security teams already use—SIEM platforms, ticketing systems, threat hunting tools. An integration PM must balance the technical feasibility of connections with the strategic value they deliver, all while maintaining performance and reliability standards that security operations demand.
The Attraction of Never-Ending Complexity
Kohler's attraction to Recorded Future centers on the multi-domain nature of the work. Unlike product roles focused on a single application or user workflow, threat intelligence spans IT security, geopolitical analysis, and financial fraud—each domain with its own expertise requirements and threat landscapes.
This variety addresses a common PM challenge: stagnation. Many product managers find themselves optimizing the same features or user flows for years. In threat intelligence, the landscape shifts constantly. New threat actors emerge, attack techniques evolve, and geopolitical events create entirely new intelligence requirements. The product strategy must adapt continuously, which demands PMs who thrive on change rather than stability.
The "big data problem" Kohler references—tracking everything that happens everywhere—represents both the technical challenge and the market opportunity. Organizations are drowning in security data but starving for actionable intelligence. The PM role involves determining which data sources matter, how to process them efficiently, and how to present insights that drive decisions rather than just adding to information overload.
What This Reveals About Modern B2B Product Management
The shift from single-project focus to continuous multi-initiative management reflects broader changes in how B2B software companies operate. Product development no longer follows neat quarterly roadmaps with discrete releases. Instead, it's continuous deployment, constant iteration, and perpetual balancing of strategic bets against tactical necessities.
For aspiring product managers, Kohler's description offers a reality check. The role requires comfort with ambiguity, the ability to make decisions with incomplete information, and the emotional resilience to handle constant context switching. It's not about having the perfect product vision; it's about making dozens of good-enough decisions quickly while maintaining strategic coherence.
The global, asynchronous nature of modern product work also stands out. PMs can no longer rely on hallway conversations or conference room decisions. They must communicate effectively across time zones, document decisions clearly, and empower distributed teams to move forward without constant oversight. The Slack-heavy morning routine Kohler describes isn't just about answering questions—it's about unblocking progress for teams that won't overlap with his working hours again until tomorrow.
As cybersecurity threats grow more sophisticated and organizations struggle to make sense of expanding data volumes, the product management challenges in this space will only intensify. The PMs who succeed will be those who can embrace the chaos, think systematically across domains, and find clarity in complexity—not by simplifying the problem, but by developing the mental models to navigate it effectively.