Technical Program Manager, Security & GRC

DeepScribe

15d•$80,000 - $160,000

About The Position

We’re seeking a Technical Program Manager, Security & GRC to drive DeepScribe’s most critical cross-functional programs at the intersection of security, compliance, and engineering operations. You will be the primary driver of our security and compliance programs – owning execution, coordination, and technical follow-through across SOC 2, HIPAA, vendor risk, security reviews, and audit readiness. You will also support engineering effectiveness and operational excellence initiatives, helping improve how engineering teams respond to incidents, ship changes, and operate reliably at scale. This is a hands-on TPM role for someone who thrives in ambiguity, enjoys working closely with engineers, and can translate regulatory and operational requirements into clear, executable programs.

Requirements

2+ years of experience as a Technical Program Manager, Security TPM, or similar role working closely with engineering teams
Experience driving security, compliance, or risk-related programs (e.g., SOC 2, HIPAA, ISO, HITRUST, FedRAMP, or equivalent)
Experience supporting healthcare, PHI, or regulated data environments
Strong ability to coordinate complex, cross-functional technical work across technical and non-technical stakeholders
Comfort operating in regulated environments and translating requirements into actionable plans
Excellent written and verbal communication skills, especially in technical and audit-adjacent contexts
Experience working with Vanta, or other compliance automation platforms.

Nice To Haves

Familiarity with incident response processes and operational reliability practices.
Experience supporting customer security reviews, RFPs, or enterprise sales motions.
Background working in lean, fast-growing engineering organizations.

Responsibilities

Own and drive execution of DeepScribe’s SOC 2, HIPAA, and other relevant compliance programs, partnering closely with Engineering, Legal, and People Ops.
Coordinate security reviews, risk assessments, and control validation across teams.
Lead the vendor security management program, including intake, reviews, remediation tracking, and ongoing monitoring.
Drive security improvement initiatives based on risk findings, audit outcomes, and incident learnings.
Manage the technical aspects of customer security reviews, including architecture explanations, control narratives, and evidence coordination.
Coordinate responses to RFPs, RFIs, and security questionnaires that require engineering input, ensuring accuracy, consistency, and timeliness.
Drive incident response and operational excellence initiatives, including retrospectives, follow-ups, and improvement tracking.
Coordinate deployment processes and launch management, ensuring readiness, communication, and rollback awareness.
Implement and maintain engineering best practices related to operational reliability, security, and change management.
Support cross-team technical initiatives that require coordination across multiple engineering squads.
Improve engineering documentation and knowledge sharing, particularly for operational and security-relevant workflows.
Help manage operational alerts and response processes, focusing on clarity, ownership, and continuous improvement.
Support additional cross-functional technical programs as assigned, particularly where security, risk, or operational rigor are involved.