What You'll Do

Own end-to-end program management for security initiatives including pen testing cycles, vulnerability remediation tracking, incident response readiness, and security reviews for new product launches
Build and maintain program infrastructure including risk registers, status dashboards, escalation paths, and retrospective processes
Coordinate third-party security assessments and audits across Engineering, Legal, and Compliance teams
Drive IT programs spanning device management, SaaS tooling, identity and access management, and endpoint security
Facilitate sprint ceremonies and maintain healthy backlogs for security and IT teams while balancing sprint-level execution with multi-quarter roadmap planning
Embed with security engineering teams to track delivery of internal security tooling and detection pipelines, translating complex work into clear org-wide visibility
Identify and remove blockers early, escalating with context and proposed solutions to keep programs moving

What We're Looking For

5+ years of technical program management experience with at least 2 years owning security or infrastructure programs
Demonstrated ability to manage multiple complex programs simultaneously in ambiguous environments without losing detail
Strong technical fluency and experience working with security frameworks like SOC 2, CIS v8, NIST CSF, and vulnerability management lifecycles
Proven track record of building program management infrastructure from scratch in fast-moving environments
Excellent written and verbal communication skills, including ability to present risk trade-offs clearly to executives
(Plus) Experience at crypto, fintech, or high-security-bar startups
(Plus) Familiarity with tools like Vanta, Drata, Jira, or Linear
(Plus) Background in software engineering or security engineering
(Plus) PMP, PMI-ACP, or CSM certification