Security Vulnerability Program Manager

We are seeking a highly skilled and motivated Technical Program Manager to join our Engineering Operations team. This role will focus on overseeing the end-to-end management of cybersecurity vulnerabilities within our organization. You will work closely with engineering teams, security teams, and leadership to manage remediation efforts, track vulnerabilities, and escalate risks to ensure that our cybersecurity posture remains strong and resilient. The ideal candidate will have a technical background in cybersecurity, strong program management skills, and experience working with cross-functional teams.

Key Responsibilities:

• Manage Cybersecurity Vulnerabilities: Oversee and track the identification, classification, and remediation of cybersecurity vulnerabilities across systems and platforms, ensuring timely and effective resolution.

• Program Management: Develop and manage a comprehensive program to address vulnerabilities, creating and maintaining a detailed Jira plan for all ongoing remediation efforts.

• Stakeholder Coordination: Collaborate with Engineering, Security, and Operations teams to prioritize and track vulnerability remediation efforts. Ensure all stakeholders are aligned and informed on progress, timelines, and risks.

• Risk Escalation: Identify and assess risks associated with ongoing vulnerabilities and escalation paths to senior Engineering and CISO leadership for critical issues that need immediate attention or resources.

• Reporting and Documentation: Provide regular updates to leadership on vulnerability status, remediation progress, risk assessments, and any emerging trends or challenges.

• Continuous Improvement: Drive improvements in vulnerability management processes, tools, and workflows to increase efficiency, reduce risk exposure, and enhance the overall security posture of the organization.

• Cross-functional Collaboration: Work closely with teams across the organization, including Engineering, IT, and Security Operations, to ensure alignment on goals and effective execution of remediation plans.

• Incident Response: Support the team with incident management as needed, assisting in prioritizing vulnerability remediations based on real-time threat intelligence and operational needs.

Required Qualifications:

• Experience with security automation tools and vulnerability management platforms.

• Familiarity with cloud security (AWS, Azure, GCP) and securing modern, distributed applications.

• Knowledge of incident response and threat intelligence.

• Bachelor's degree in Computer Science, Information Security, Engineering, or related field (or equivalent experience).

• 5+ years of experience in a technical program management role, preferably in cybersecurity or related domains.

• Proven experience managing cybersecurity vulnerabilities, risk assessments, and remediation processes.

• Strong technical understanding of cybersecurity frameworks, vulnerability management, and remediation techniques.

• Proficiency with Jira, Confluence, or similar project management tools for planning and tracking remediation efforts.

• Excellent communication skills with the ability to clearly articulate technical issues to non-technical stakeholders and escalate risks to senior leadership.

• Experience working with cross-functional teams and managing complex technical projects.

• Knowledge of industry standards and best practices for vulnerability management (e.g., NIST, CVSS, OWASP).

• 2-5 years of Program Management experience in a high-tech organization successfully delivering large, distributed enterprise Agile projects, including dependency mapping, project delivery sequencing, ability to understand both high level and low-level project delivery details. Experience delivering enterprise level customer programs/projects is a plus.  

• Exceptional track record of setting and achieving detailed program/project goals.  

• Strong analytical, problem-solving skills, and makes data-driven decisions.  

• High initiative and passion for helping teams continuously improve program/project delivery.  

• Development experience in Java based web applications and micro services is preferred.  

• Track record of managing executive level escalations and collaborating across the org to perform RCAs.