Senior Technical Program Manager

About The Position

Requirements

• 6+ years of experience as a technical programme manager in information security, with a track record of delivering complex, multi-team initiatives across engineering and security stakeholders; demonstrated expertise scoping, planning, and delivering strategic and tactical security programmes within a matrixed environment
• Manage the Information Security Risk Management lifecycle by partnering with engineering and security experts to implement regulations, test controls, and deploy security solutions across the technology stack.
• Working knowledge of security frameworks — NIST, ISO 27001, SOC 2, PCI DSS, CIS Controls — and how they translate into credible delivery plans
• Project management and/or security framework certifications (PMP, PRINCE2, ITIL, COBIT, ISO 27001) are expected at this level
• Experience building and tracking security KPIs and metrics to measure program success and drive continuous improvement.
• Practical experience using AI-enabled or automation-first programme tooling (security GRC, TPRM, continuous control monitoring) and a clear point of view on where AI augments versus replaces human judgement in programme delivery
• A strong communicator and problem-solver who balances persuasion with active listening, possesses exceptional stakeholder management skills to engage with engineering leaders and executives, and utilizes proven project management techniques to drive results.

Nice To Haves

• 3+ years of hands-on experience in equivalent security roles, such as Security Delivery Manager, Information Security Officer, or Threat Intelligence Programme Manager
• Relevant professional certifications such as Certified Information Systems Security Professional, Certified Information Security Manager, Certified in Risk and Information Systems Control, CompTIA Cybersecurity Analyst or Certified Fraud Examiner
• Exposure to AI governance, model risk, or responsible-AI programme work
• Knowledge of privacy legislation and regulations such as HIPAA and GDPR
• Experience working with security and risk tooling in cloud infrastructure, hosting, and platform contexts

Responsibilities

• Lead programme delivery for GSS’s most complex initiatives — including third-party risk, compliance and audit readiness, AI governance, and the data-driven cyber risk and control framework — with minimal oversight and clear ownership of outcomes
• Set and continuously refine the programme rhythm: planning cycles, status reporting, OKR alignment, and decision logs that connect day-to-day execution to GSS and Klaviyo-level objectives
• Apply AI-enabled GSS tooling to reduce manual toil and improve the timeliness and signal of programme reporting
• Identify automation and AI opportunities in programme management itself — status drafting, drift detection, action tracking — and partner with SSG’s reporting and analytics capability to operationalise them
• Run risk analysis, contingency planning, and trade-off conversations with senior stakeholders; raise critical issues early with clear options, data, and recommendations
• Maintain authoritative status materials for GSS leadership team, monthly KPI updates, and quarterly Board contributions — accurate, succinct, and decision-ready
• Act as a player-coach to other programme managers across GSS and GTS, modelling delivery standards, mentoring on practice, and developing reusable playbooks and runbooks
• Flex into other GSS functions — Security Product and Development, Security Intelligence Operations — where strategic initiatives need senior programme leadership