Senior Technical Program Manager shaping application security at Chan Zuckerberg Initiative. Collaborating with teams to enhance security protocols for scientific and educational innovations and technology solutions.
Responsibilities
Conceive, design, develop, and improve industry-leading security tooling, automation, architecture, and/or frameworks that enable enterprise teams at scale to deliver applications and services with appropriate security controls to meet evolving requirements for security and privacy.
Identify and eliminate classes of security problems by shifting detection and prevention left into the development workflow.
Provide just-in-time, actionable, technical security guidance to enterprise application and service teams.
Ensure prioritization, resourcing, and timely delivery of work within a changing business environment.
Collaborate with cross-functional teams to ensure security work is being prioritized and addressed.
Drive end-to-end execution of technical security projects, including requirements gathering, scoping, status updates, and delivery milestones.
Establish and report metrics to track compliance, program health, and ongoing risk posture.
Coordinate with third-party vendors and auditors to augment internal security capabilities.
Serve as a subject matter expert on infrastructure, architecture, and application security, offering guidance to technical and non-technical stakeholders.
Support security reviews, threat modeling, and incident response efforts for applications and production infrastructure.
Requirements
5+ years of technical program management or equivalent experience, with a specific focus on security or application security.
Demonstrated proficiency with secure SDLC processes and best practices for integrating security throughout the software development lifecycle.
Hands-on experience designing and managing security controls within CI/CD pipelines, using automation frameworks to enable secure code delivery and rapid remediation.
Familiarity with threat modeling, static and dynamic application security testing (SAST/DAST), and software composition analysis (SCA) tools.
Deep understanding of DevSecOps principles, security automation, and infrastructure-as-code security.
Experience driving the adoption of vulnerability management, architectural best practices, and incident response for cloud-native and distributed applications.
Knowledge of container security (Docker, Kubernetes), microservices architectures, and cloud platform security (AWS, Azure, GCP).
Experience leading end-to-end security architecture design and governance across complex, cloud-native, and hybrid enterprise environments, aligning security capabilities to business and risk objectives.
Proven ability to define and maintain reference architectures, security patterns, and control standards spanning network, identity, data protection, and application security domains.
Skilled in conducting architecture risk assessments and design reviews, ensuring new and existing solutions meet zero trust, defense-in-depth, and compliance requirements in regulated industries.
Benefits
Provides a generous employer match on employee 401(k) contributions to support planning for the future.
Paid time off to volunteer at an organization of your choice.
Funding for select family-forming benefits.
Relocation support for employees who need assistance moving.
Job title
Senior Technical Program Manager, Product Security
Security Engineer managing end-to-end security for Pylon's mortgage API platform. Locking down sensitive customer data and drafting best practices for security policies.
Account Manager developing strategic customer relationships in the Cybersecurity and Insurance sector. Collaborating with insurers and partners to enhance service offerings.
Leading Cyber Security team to tackle complex challenges for European digital security. Responsible for team development, budget management, and compliance with security requirements.
Lead AI Cybersecurity Engineer developing strategies, controls, and policies for AI security at Abbott. Ensuring the responsible application of AI technologies across the enterprise and products.
Develop and manage information security and privacy policies at DropReal. Collaboration between IT, Legal, and Business to ensure Information Security compliance.
Responsible for ISO compliance and security management in a growing organization. Ensuring adherence to ISO standards and leading quality improvement initiatives.
Security Consultant analyzing customer IT infrastructures and advising on security solutions in complex environments. Conducting audits and evaluating security events with expertise in IT-Security standards.
Information Security Consultant at Smartdesc providing strategic security guidance and support for customers. Overseeing security projects and improving clients' security posture effectively.
Lead end-to-end incident investigations and drive durable remediation across cloud and on-prem environments. Collaborate with Infra, Dev, and SRE teams to build secure, observable, and resilient systems.
Project Manager responsible for coordinating HSE initiatives at CMA CGM Group, a global leader in shipping and logistics. Monitoring performance metrics and reporting results to ensure safety and compliance.