Cybersecurity Technical Program Manager

Johnson Controls, Westford, MA
Hybrid

About The Position

Johnson Controls is a global leader in smart, healthy, and sustainable buildings. Their mission is to reimagine the performance of buildings to serve people, places, and the planet. They are seeking a results-driven Cybersecurity Technical Program Manager to join their Fire Detection New Product Introduction (NPI) Program Management Office. This role is based in Westford, MA, and offers a hybrid work environment (three days onsite, two days remote). The position focuses on integrating security into the product lifecycle for connected fire detection products, ensuring proactive vulnerability identification, risk mitigation, and regulatory compliance across software and embedded systems.

Requirements

  • Bachelor's degree in Computer Science, Cybersecurity, Information Security, Software Engineering or related field.
  • 10+ years of professional experience in electronic product design and new product introduction within a manufacturing context (e.g., collaboration with Design Engineers, Software Engineers, Software QA, Manufacturing, Supply Chain, Supplier Quality, Product Management, etc.).
  • Proven experience managing product security or cybersecurity programs for connected devices or embedded systems.
  • Strong hands-on experience with vulnerability management (identification, triage, prioritization, remediation tracking).
  • Strong hands-on experience with security testing tools (SAST, DAST, dependency scanning, fuzzing).
  • Strong hands-on experience with threat modeling and risk assessment methodologies.
  • Experience driving compliance with Cyber Resilience Act (CRA) or similar global cybersecurity regulations.
  • Demonstrated success in driving cross-functional teams to resolve security vulnerabilities within defined SLAs.
  • Familiarity with secure coding practices and common vulnerabilities (OWASP Top 10, CVEs, CWEs).
  • Strong understanding of software development methodologies (Agile/DevSecOps).
  • Excellent communication, stakeholder management, and executive reporting skills.
  • Ability to operate effectively in complex, regulated environments and manage ambiguity.
  • Meticulous attention to detail and technical accuracy.
  • Outstanding organizational and technical competencies.
  • Effective interpersonal and multitasking skills.

Nice To Haves

  • Project Management Professional (PMP) Certification.
  • Experience in IoT, embedded systems, or safety-critical industries (fire/life safety, medical, automotive).
  • Certifications such as CISSP, CISM, or CEH.
  • Experience with tools such as JIRA, Azure DevOps, or similar.
  • Knowledge of SBOM standards and open-source risk management.
  • Familiarity with cloud security and connected device ecosystems.

Responsibilities

  • Lead and manage cybersecurity workstreams across multiple concurrent NPI programs from concept through product launch and sustaining phases.
  • Drive secure development lifecycle (SDL) practices and ensure alignment with enterprise and regulatory cybersecurity frameworks.
  • Partner with software engineering, hardware, QA, architecture, and DevOps teams to identify, assess, and prioritize software and system vulnerabilities.
  • Ensure timely remediation and closure of security findings.
  • Track and report vulnerability metrics (MTTR, backlog, severity trends).
  • Establish and maintain cybersecurity program plans, including risk registers, threat models, compliance milestones, and mitigation strategies.
  • Oversee product security testing activities, including SAST, DAST, penetration testing, SBOM generation, and third-party vulnerability assessments.
  • Ensure compliance with Cyber Resilience Act (CRA) and other relevant regulations/standards (e.g., IEC 62443, NIST, ISO 27001, UL cybersecurity requirements).
  • Coordinate security incident response planning and vulnerability disclosure processes for products in the field.
  • Facilitate cross-functional alignment to drive timely resolution of security issues, including coordination with external vendors and suppliers.
  • Prepare and present cybersecurity posture, risks, and compliance status to senior leadership and stakeholders.
  • Promote a security-first culture and continuous improvement through lessons learned and best practices.

Benefits

  • Competitive salary
  • Paid vacation/holidays/sick time
  • Comprehensive benefits package including 401K, medical, dental, and vision care.
  • On-the-job/cross-training opportunities
  • Encouraging and collaborative team environment
  • Dedication to safety through our Zero Harm policy
  • Competitive Bonus plan
  • Competitive benefits package