Information Security - Sr Security Program Manager

ACV Auctions
Buffalo, NY
74d
$155,000 - $195,000

About The Position

We're hiring a Sr Security Program Manager to contribute to and mature an integrated security program that spans Product Security (AppSec / SSDLC), Security Operations (SecOps/IR/cloud security), Technical GRC, and Enterprise Applications and Identity. This is a high-visibility, cross-functional, strategic role. You will own program outcomes, influence product and engineering roadmaps, and be the 'translator' between security, risk, leadership, and the business teams who rely on ACV's marketplace every day. ACV's scale and data scope (including sensitive vehicle, dealer data, identity, and payment information) mean your work will meaningfully reduce enterprise risk and enable secure growth. You will be a trusted member and critical voice of the security leadership team, reporting directly to the CISO.

Requirements

  • 8+ years experience building and operating security programs in SaaS / marketplace / fintech / large data platforms.
  • Demonstrable ownership across AppSec, SecOps, and Corporate Security domains.
  • Experience optimizing and helping vulnerability management and incident response programs mature with measurable SLAs (MTTR, remediation windows).
  • Track record of influencing engineering/product leadership and delivering security as a business enabler (not a blocker).
  • Strong program management skills: roadmap creation, cross-functional timelines, budget stewardship, vendor selection and contract negotiation.
  • Excellent written + verbal communication; experience preparing executive risk briefings and board-level security summaries.
  • Bachelor's degree in CS, Engineering, Information Security, or commensurate experience (5+ years) working in a similar role.

Nice To Haves

  • Prior experience at marketplaces or in automotive/transportation/finance verticals.
  • Familiarity with data products, vehicle inspection pipelines, or payment flows is a plus.
  • Experience with SOC 2 readiness, ISO 27001, PCI scope reduction, or public company compliance programs.
  • Background in privacy program integration, especially where product telemetry/geolocation, vehicle data, and identity data are in scope.

Responsibilities

  • Work with stakeholders to create a unified security program roadmap covering Product Security, SecOps, and Enterprise Security.
  • Translate risk appetite into prioritized initiatives, funding opportunities, and measurable outcomes.
  • Define and publish security KPIs/OKRs as dashboards to various internal audiences.
  • Use data to support visibility and continuous improvement.
  • Work with security teammates to collectively drive programs partnering with Product, Engineering, and DevOps to embed AppSec into the SSDLC.
  • Partner with Operational leads to drive maturity through the creation of requirement frameworks including documented procedures, incident response playbooks, and runbooks.
  • Collaborate with Legal, Privacy, and GRC teams to ensure enterprise controls align with SOC 2 and other industry standard framework requirements.
  • Partner directly with the CISO to ensure top initiatives are well-planned, resourced, and delivered.
  • Anticipate needs, remove roadblocks, and help drive critical decision-making.
  • Identify gaps, improve processes, and support the development of scalable frameworks.
  • Drive cybersecurity initiatives from planning through delivery, ensuring on-time execution, resource alignment, stakeholder engagement, and clear reporting.
  • Help run team meetings, leadership offsites, and special projects that support team health, accountability, and long-term success.

Benefits

  • Compensation: $155,000.00 - $195,000.00 annually.
  • Final compensation will be determined based upon the applicant's relevant experience, skillset, location, business needs, market demands, and other factors as permitted by law.

What This Job Offers

Job Type

Full-time

Career Level

Senior

Industry

Broadcasting and Content Providers

Education Level

Bachelor's degree

Number of Employees

1,001-5,000 employees

© 2024 Teal Labs, Inc