Security Program Manager

Key Responsibilities

• Conduct initial consultation calls with new clients to assess their current security posture, infrastructure stack, compliance requirements and overall objectives.
• Provide guidance and recommendations for improving client security posture.
• Develop high-level security programs consisting of technical, operational and administrative controls based on industry frameworks and client needs.
• Collaborate with clients to customize and refine the security program to match their specific use cases.
• Communicate with clients and stakeholders to ensure smooth and efficient security program creation.
• Liaise with auditors to ensure clients' security programs align with auditors' expectations.
• Maintain expertise across a range of security frameworks, control types, and technologies including NIST, SOC2, ISO27001, CMMC, AWS, Azure, GCP, Kubernetes, Docker, Terraform, and more.
• Provide feedback to Oneleet's engineering team to inform development of integrations, solutions, and products that deliver on client needs.
• Be highly technical, learn new technologies quickly, and translate security concepts into implementations.
• Partner with internal teams to translate security programs into implementations consisting of policies, procedures, configurations and software integrations.

Requirements

• 3+ years in an information security role.
• Broad knowledge of security best practices, frameworks, control types, and relevant technologies.
• Ability to understand client infrastructure and map security controls to meet compliance goals.
• Strong analytical skills to evaluate environments and determine appropriate safeguards.
• Excellent verbal and written communication skills.
• Self-driven with the ability to work independently and move fast in a startup environment.
• Willingness to go the extra mile to meet tight deadlines and deliver results.