Skip to content
San Francisco Bay AreaAvailable for senior PM roles

Shagun
Srivastava

Project manager bridging Apple InfoSec, API strategy, and agentic banking.

Results-oriented PM with 4+ years leading cross-functional teams, mitigating risk, and shipping on time and on budget. I work where security, developer experience, and product judgment meet - turning hard constraints into things people can actually build on.

4+ yrsCross-functional deliveryRisk & securityDeveloper-first APIs
Focus

Three pillars

01Information Security

Trust as a product

Security for one of the world's most targeted ecosystems - built to enable innovation, not slow it down.

As an Information Security PM at Apple, I run security work across Engineering, Legal, and Design. The goal is scalable safety that stays invisible to users: protection that ships with the product instead of bolting on after it.

Enable, don't gate
Frame security as something that lets teams move faster, not a checkpoint that stops them.
Cross-functional rigor
Align Engineering, Legal, and Design on one threat model and one plan of record.
Scale without friction
Controls users never feel, designed for a platform under constant, sophisticated attack.
02API Strategy

The API is the product

Owning the roadmap for interfaces developers want to build on - not utilities they tolerate.

A great API earns trust at the first request: predictable behavior, honest errors, and docs that read like a good tutorial. I treat the developer as the customer and the contract as the surface area that has to stay clean for years.

REST fundamentals
Idempotency, resource-oriented URLs, and consistent error codes as the baseline contract.
Write-access security
OAuth scopes, fine-grained API tokens, and HMAC-verified webhooks for anything that changes state.
High-craft DX
Rate-limit strategy, intuitive naming, real docs, and the small "magic" moments that make a key worth keeping.
03Agentic Banking

Programmable money, with a human on the hook

Forward-looking product thinking on autonomous agents that reason, plan, and execute financial tasks - safely.

The next interface to a bank is an agent. The hard part is not capability, it's authority: how an LLM plugs into financial data, what it's allowed to do, and how every action traces back to a person who said yes. This is the product thinking I brought to a PM candidacy for an API & Agentic Banking role at Mercury.

MCP as the bridge
Model Context Protocol lets agents plug into financial data through a controlled, auditable surface.
Constraint-based access
Authority by intent - e.g. "send wires up to $500 to pre-approved vendors" - not blanket keys.
Human-in-the-loop
Guardrails over gating, approval on high-value moves, and an audit trail tied to the person who set the policy.
Career

Experience

  1. Jun 2023 - PresentNow

    Information Security Project ManagerApple

    Managing security across Engineering, Legal, and Design for one of the world's most targeted ecosystems.

  2. May 2023 - Jun 2023

    Project ManagerBitwise Industries

    DocuSign CLM contract lifecycle management, Smartsheet, Gantt charts, and stakeholder reporting.

  3. Nov 2022 - Mar 2023

    Project ManagerLudicrous LLC

    QA testing, user and market research, and product improvements driven by what the data showed.

  4. Apr 2020 - Oct 2021

    Field ManagerRishi Kumar for Congress

    Led a 48-person team, ran daily scrums, and turned voter data analysis into ground strategy.

  5. Aug 2019 - Nov 2020

    Product SpecialistApple

    Consistently high NPS and mentored associates on the floor.

Background

Education

2020 - 2022
BA, Global StudiesUC Santa Barbara
2018 - 2020
AA, Political Science (Honors)Las Positas College