Senior Technical Program Manager, Product Security

About The Position

Requirements

• 5+ years of technical program management or equivalent experience, with a specific focus on security or application security.
• Demonstrated proficiency with secure SDLC processes and best practices for integrating security throughout the software development lifecycle.
• Hands-on experience designing and managing security controls within CI/CD pipelines, using automation frameworks to enable secure code delivery and rapid remediation.
• Familiarity with threat modeling, static and dynamic application security testing (SAST/DAST), and software composition analysis (SCA) tools.
• Deep understanding of DevSecOps principles, security automation, and infrastructure-as-code security.
• Experience driving the adoption of vulnerability management, architectural best practices, and incident response for cloud-native and distributed applications.
• Knowledge of container security (Docker, Kubernetes), microservices architectures, and cloud platform security (AWS, Azure, GCP).
• Experience leading end-to-end security architecture design and governance across complex, cloud-native, and hybrid enterprise environments, aligning security capabilities to business and risk objectives.
• Proven ability to define and maintain reference architectures, security patterns, and control standards spanning network, identity, data protection, and application security domains.
• Skilled in conducting architecture risk assessments and design reviews, ensuring new and existing solutions meet zero trust, defense-in-depth, and compliance requirements in regulated industries.

Responsibilities

• Conceive, design, develop, and improve industry-leading security tooling, automation, architecture, and/or frameworks that enable enterprise teams at scale to deliver applications and services with appropriate security controls to meet evolving requirements for security and privacy
• Identify and eliminate classes of security problems by shifting detection and prevention left into the development workflow
• Provide just-in-time, actionable, technical security guidance to enterprise application and service teams
• Ensure prioritization, resourcing, and timely delivery of work within a changing business environment
• Collaborate with cross-functional teams to ensure security work is being prioritized and addressed
• Drive end-to-end execution of technical security projects, including requirements gathering, scoping, status updates, and delivery milestones.
• Establish and report metrics to track compliance, program health, and ongoing risk posture.
• Coordinate with third-party vendors and auditors to augment internal security capabilities
• Serve as a subject matter expert on infrastructure, architecture, and application security, offering guidance to technical and non-technical stakeholders.
• Support security reviews, threat modeling, and incident response efforts for applications and production infrastructure.

Benefits

• Provides a generous employer match on employee 401(k) contributions to support planning for the future.
• Paid time off to volunteer at an organization of your choice.
• Funding for select family-forming benefits.
• Relocation support for employees who need assistance moving