Sr. Security Program Manager

About The Position

Requirements

• Proven experience in information security and compliance, including project management.
• Strong experience with auditing security objectives of SOC2, HIPAA, FedRAMP (800-53), NIST, and ISO 27001.
• Ability to navigate compliance controls and cloud security best practices.
• Proven project management skills, with the ability to manage multiple projects simultaneously.
• Excellent communication skills to keep internal and external stakeholders aligned.
• Drive, a proactive attitude, and thorough attention to detail.

Nice To Haves

• Certifications: Certified Information Security Auditor (CISA), Certified Information Systems Security Professional (CISSP), or other technical certifications.
• Project Management certification (e.g., PMP).
• Experience with Hyperproof GRC Platform and Atlassian Suite.

Responsibilities

• Contribute to the scaling and refinement of EDB's control framework and associated policies and procedures to support business growth and reduce inherent information risks.
• Support the integration of new security frameworks, including ISO 27001 and ISO 42001.
• Assist in the annual planning process for Information Security initiatives, ensuring alignment with business objectives and demonstrating the program's value-add.
• Help develop and implement a metrics-based program to measure the performance, efficiency, and effectiveness of EDB’s information security initiatives.
• Collaborate with Product Management and Engineering teams to embed security-by-design principles into the development lifecycle and delivery process.
• Establish essential working relationships with engineering leadership, product management, and executive management.
• Educate and consult with control owners on effective control environments and appropriate audit evidence.
• Translate complex security frameworks into actionable control designs and support implementation.
• Coordinate and support internal teams during third-party auditor engagements.
• Manage the process for security control exception lifecycle, managing the request, approval, and time bound remediation of approved control deviations.
• Assist in the overall optimization of the sales process from contract review to security diligence.
• Contribute to customer security diligence efforts, managing questionnaires and requests while continuously improving the efficiency and effectiveness of the response process.
• Guide team members on priority tasks and project execution, as needed.

Benefits

• EDB is committed to supporting our employees' overall well being by offering a range of benefits and resources to promote a healthy work-life balance and wellness.
• We provide access to CuraLinc to aid employees in health and wellness tips and practices, as well as Wellness Fridays extending to December 2025!
• Check out our career site for more information on perks and benefits and reach out to our Talent Acquisition team for region specific benefits.