Security Technical Program Manager

Role Overview

The Security Technical Program Manager (TPM) will be responsible for the definition, execution, and oversight of critical security programs focused on client assurance, operational compliance, and platform security. This role requires a strong focus on program management and cross-functional coordination to embed security and legal standardization across client projects and manage ongoing compliance activities. The ideal candidate will drive the standardization of legal verbiage and security practices across the organization's client-facing work, ensuring predictable execution, reduced risk, and consistent security standards for client codebases. This role partners closely with Security, Engineering, Legal, Compliance, and Client teams.

Key Responsibilities

Portfolio & Program Management

• Own the portfolio view of Tech Platforms within the broader security strategy.
• Structure and manage strategic programs required to deliver roadmap objectives
• Define milestones, delivery plans, and success metrics for major initiatives.
• Track progress against portfolio commitments and escalate risks proactively.
• Manage cross-functional dependencies across Engineering, Product Management, Legal, and other stakeholders.
• Support quarterly and annual planning cycles, including investment
• Ensure predictable execution through structured governance and reporting cadence.

Cross-Functional Collaboration

• Collaborate with Engineering, Product Management, Legal, Risk, and Compliance stakeholders.
• Facilitate stakeholder alignment, trade-off decisions (e.g., security vs. speed), and expectation management.
• Influence without direct authority to drive secure design principles and manage cross-functional projects to ensure delivery.

Client Project Standardization:

• Lead the strategic initiative to standardize legal verbiage and security requirements across client projects.
• Client Code Security: Drive implementation of consistent security standardization to secure client codes and ensure ongoing maintenance and protection of the codebase.
• Own the coordination of security deployment approvals for client projects with clients, engineering and security teams

Operational Security & Compliance

• Coordinate PCI compliance efforts by creating required reports and managing activities for all PCI accounts.Manage the coordination of the yearly PCI/ISO Audit for all accounts within the Tech Platform.Conduct quarterly User Access Reviews (UAR) to certify user access for AWSGenerate and report artifacts for 1LOD, 2LOD, 3LOD for corrective action plan and risk reduction plans

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, or related discipline.
• 5+ years of experience in technical program management, cybersecurity, or risk management
• Demonstrated experience in Product Security (AppSec), DevSecOps, or AI/ML Security domains.
• Demonstrated experience building and managing strategic roadmaps tied to measurable outcomes.
• Strong understanding of security compliance frameworks (e.g., PCI, ISO) and operational security domains (e.g., User Access Reviews, AWS security roles, Secure SDLC/SAST)
• Strong understanding of secure development practices, vulnerability management, and common software security frameworks.
• Proven ability to partner with engineering and legal teams to drive standardization and manage security due diligence.
• Excellent written and verbal communication skills, with demonstrated experience facilitating stakeholder alignment and influencing without direct authority
• Experience working in matrixed organizations and managing dependencies across multiple business units.