Technical Program Manager, Security

About The Position

Requirements

• 7+ years of experience in program/project management within a technical or security domain
• Bachelor's degree in Computer Science, Engineering, Information Technology or equivalent technical experience
• Demonstrated knowledge and experience with security technologies, compliance frameworks, and risk management principles
• Experience managing technical incidents and issue resolution workflows
• Demonstrated experience communicating between technical and non-technical audiences using collaborative tools and cross-functional collaboration skills

Nice To Haves

• Relevant professional certifications such as Certified Information Systems Security Professional, Certified Information Security Manager, Certified in Risk and Information Systems Control, CompTIA Cybersecurity Analyst or Certified Fraud Examiner
• Experience in a role with similar titles such as Security Delivery Manager, Security Officer, or Threat Intelligence Program Manager
• Proven experience implementing technical solutions for fraud/abuse prevention, including working with detection engineering, security signals, or threat intelligence
• Advanced knowledge of security frameworks (e.g., National Institute of Standards and Technology, ISO 27001, Control Objectives for Information and Related Technologies) and experience in leading audit or risk assessment readiness efforts
• Experience working directly with engineering and legal teams to implement technical security controls

Responsibilities

• Program Ownership: Define and own the security program strategy and framework (Identify, Prevent, Detect, Respond+Recover) with a specific focus on Meta's legal investigations, operations and compliance technical ecosystem
• Fraud & Abuse Prevention & Threat Intelligence: Lead and manage technical initiatives to prevent and mitigate fraud and abuse within Meta’s Intake and Disclosure programs. This includes developing detections, implementing signal development strategies, and incorporating threat intelligence into defensive measures and projects like Requestor & Recipient Verification (RRV)
• Information Security Risk Management & Controls: Drive the Information Security Risk Management lifecycle. This involves collaborating with engineering and security SMEs to interpret and implement relevant regulations, identify, document, and test critical security controls, and deploy effective technical and security controls across SI2 surfaces
• Incident Management: Manage technical and fraudulent incidents and issues to resolution through the SEV process, coordinating with engineering, security, and legal teams
• Process Improvement: Drive process improvements to ensure security programs are efficient, scalable, and reliable, and maintain cross-functional alignment
• Security Assessments: Coordinate and track security assessments, vulnerability testing, and mitigation plans to close identified technical vulnerabilities
• Stakeholder Engagement: Engage cross-functional stakeholders (e.g., Legal, GRC, Engineering, Operations) on security, risk, and compliance requirements, and prepare and present program updates to leadership

Benefits

• bonus
• equity
• benefits