# Security Program Manager

**Company:** [Oneleet](https://hotfix.jobs/companies/oneleet)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $75k – $140k/yr
**Experience:** 3+ years
**Skills:** Nist, Soc2, Iso27001, Cmmc, AWS, Azure, GCP, Kubernetes, Docker, Terraform
**Posted:** 2025-11-03

> Assess client security postures, develop customized security programs using frameworks like NIST and SOC2, provide implementation guidance, and collaborate with auditors and internal teams to achieve compliance goals.

## Job Description

## Key Responsibilities
- Conduct initial consultation calls with new clients to assess their current security posture, infrastructure stack, compliance requirements and overall objectives.
- Provide guidance and recommendations for improving client security posture.
- Develop high-level security programs consisting of technical, operational and administrative controls based on industry frameworks and client needs.
- Collaborate with clients to customize and refine the security program to match their specific use cases.
- Communicate with clients and stakeholders to ensure smooth and efficient security program creation.
- Liaise with auditors to ensure clients' security programs align with auditors' expectations.
- Maintain expertise across a range of security frameworks, control types, and technologies including NIST, SOC2, ISO27001, CMMC, AWS, Azure, GCP, Kubernetes, Docker, Terraform, and more.
- Provide feedback to Oneleet's engineering team to inform development of integrations, solutions, and products that deliver on client needs.
- Be highly technical, learn new technologies quickly, and translate security concepts into implementations.
- Partner with internal teams to translate security programs into implementations consisting of policies, procedures, configurations and software integrations.

## Requirements
- 3+ years in an information security role.
- Broad knowledge of security best practices, frameworks, control types, and relevant technologies.
- Ability to understand client infrastructure and map security controls to meet compliance goals.
- Strong analytical skills to evaluate environments and determine appropriate safeguards.
- Excellent verbal and written communication skills.
- Self-driven with the ability to work independently and move fast in a startup environment.
- Willingness to go the extra mile to meet tight deadlines and deliver results.

## Similar roles

- [Security Engineer](https://hotfix.jobs/jobs/ceb8001f-2a82-4065-881a-a179d4ae65b9) - Sourcegraph - Remote - $72k – $144k/yr
- [GRC Program Manager](https://hotfix.jobs/jobs/5b121fcc-25d9-471c-a57f-273f2ea2942b) - Astra - Remote - $95k – $135k/yr
- [Compliance Analyst](https://hotfix.jobs/jobs/b1657e99-edcc-41eb-b820-8b3e05df4e67) - Harvey - San Francisco, CA - $99k – $149k/yr
- [Application Security Engineer](https://hotfix.jobs/jobs/d240253e-6098-4419-8f04-aaf793f42c03) - Zocdoc - Remote - $100k – $140k/yr
- [Security Engineer, Application Security](https://hotfix.jobs/jobs/18d79ceb-6c9b-4ecf-819a-fcd37324835f) - Trail of Bits - Remote - $100k – $200k/yr

**Apply:** https://hotfix.jobs/jobs/cc6ab668-1e76-49cc-b532-e9c24ed63227
**Canonical:** https://hotfix.jobs/jobs/cc6ab668-1e76-49cc-b532-e9c24ed63227