Security Program Manager

Posted 22 June 2021
Salary Competitive
LocationSan Francisco
DisciplineCyber Security
Contact NameSpencer Adams

Job description


As part of the Technical Program Management team, your role will be to drive the effectiveness and efficiency of programs and projects in our Security Organization (multiple teams), partnering closely with teams in engineering, product, and design (i.e. EPD), IT, and across the company. You will be helping the teams in defining objectives, strategy, planning, tactics, and in developing and implementing processes that scale. You will be working closely with a security leaders, engineers and business stakeholders to define and refine program scope, timelines, dependencies, resource planning and risks to enable and ensure that the team efficiently makes decisions and delivers on commitments. You will manage, track and communicate overall status to all stakeholders, proactively spotting and overcoming potential obstacles and establishing credibility and trust at the “grass roots” level of the team. You will develop processes, templates, and communication channels to support security collaboration and execution across the company (product marketing, customer success, product design, engineering, IT, finance, facilities) and management levels (VPs, managers, ICs).


• Drive key programs and projects that support our Security Roadmap.
• Build and own project plans, as needed, for the Security Program. This could include projects involving security engineering, security operations, enterprise security, security compliance, and/or privacy.
• Assist in creating and maintaining planning and security program level artifacts (i.e. project plans, resource planning, RAG status, change management, etc.).
• Provide regular visibility to program status (key decisions, dependencies, issues, risks, metrics, etc.) on an ongoing basis (to all stakeholders, team members, and interested parties).
• Anticipate and remove obstacles that slow down or prevent project teams from delivering on project goals.
• Collaborate with and influence engineers, managers, and business stakeholders across the company including EPD, IT, CX, Marketing, Finance, HR, and Facilities.
• Develop strong partnerships with functional leaders to drive focus on business objectives. Be a trusted partner for the CISO and executive management to ensure program success.
• Work with your peers in the EPD Management Team to incorporate your programs into the overall EPD planning cycle and process.
• Work with EPD Operations and Leadership to pioneer processes and procedures to plan and execute on program level initiatives at scale.
• Be a champion and educator of pragmatic blend of both program management and agile scrum practices.


• 7- 10+ years experience working in the field of information security and risk management for companies with a heavy focus on technology. Enterprise SaaS company experience is a plus.
• 5 - 7 years of experience in technical program management, working with both technical project teams and business teams.
• Demonstrated use of repeatable methodologies for initiating projects, work breakdown, scheduling, reporting, risk and change management,
• Knowledge and use of Planning, Project Management and Agile tools (i.e. Jira, Smartsheets, Asana, etc.) - able to create moderate to complex level project plans and resource leveling.
• Extensive experience in applying both project/program management and agile methodologies to both real world and start-up growth environments.
• Very comfortable reporting to higher level management and Executives and facilitating large discussions.
• Ability to communicate effectively with developers, product managers and senior technical leaders.
• Technical knowledge in multiple security domain areas such as engineering, applications, system and network security, authentication or security protocols
• Interest in team structures, workflows, processes, tools and team dynamics and how these impact a company’s ability to scale.
• Bachelor’s degree in a technical field
• Understanding of security processes such as threat modeling, vulnerability management, risk assessments, and policy / procedure development.
• Competent understanding of IAM, CI/CD, SDLC, and Incident Response.