Senior Technical Program Manager

About The Position

Requirements

• 8+ years of technical program management, engineering program management, or equivalent experience delivering complex, cross-functional software and infrastructure programs.
• Demonstrated experience leading compliance, security, or audit-adjacent programs in cloud and software environments (FedRAMP experience is a strong plus).
• Strong working knowledge of modern cloud and software delivery systems (AWS, identity, networking, infrastructure, CI/CD, observability, SDLC).
• Proven ability to translate ambiguous requirements into an executable plan with clear milestones, owners, and measurable outcomes.
• Excellent stakeholder management skills, including aligning teams with different incentives and constraints (engineering, security, IT, and lab operations).
• Strong written and verbal communication, with the ability to produce concise documentation and executive-ready status updates.
• Track record of driving programs to completion in fast-moving environments with high standards for quality and security.

Nice To Haves

• Direct experience with FedRAMP Moderate/High readiness, authorization processes, and the practical implementation of NIST 800-53 controls.
• Experience with SOC 2 and/or ISO 27001 programs, including control mapping, evidence design, and audit execution.
• Familiarity with security tooling and practices: IAM, secrets management, endpoint management, vulnerability management, SIEM/logging, and incident response.
• Ability to operate at multiple altitudes: deep in execution details when needed, while maintaining a clear narrative and roadmap for leadership.
• Experience building program management frameworks, templates, and repeatable operating rhythms across an organization.

Responsibilities

• Own the end-to-end program plan for FedRAMP readiness and adjacent compliance certifications (e.g., SOC 2, ISO 27001, HIPAA as applicable), including milestones, dependencies, resourcing, and executive reporting.
• Build and run the cross-functional operating rhythm: program reviews, risk/issue management, decision logs, and stakeholder communications across software, security, IT, labs, and AI teams.
• Partner with Security/GRC to translate compliance requirements into implementable workstreams (controls, evidence collection, tooling, process changes) with clear owners and timelines.
• Drive remediation programs for gaps identified via audits, penetration tests, control assessments, and operational incidents.
• Write technical documentation, diagrams, and evidence readiness, including system boundaries, SSP inputs, policies/standards, and traceability from requirements to artifacts.
• Manage external-facing and 3rd party dependencies (assessors, auditors, vendors) and ensure internal teams are prepared for interviews and evidence requests.
• Run software platform programs that span multiple engineering teams
• Establish program-level metrics and continuously improve execution through retrospectives and process refinement.
• Identify and resolve organizational bottlenecks by clarifying ownership, simplifying interfaces, and driving crisp decision-making.
• Create artifacts that scale: roadmaps, one-pagers, architecture/controls narratives, runbooks, and status updates tailored to technical and executive audiences.