As a Sr Security Technical Program Manager, you will play a critical role in safeguarding our products and services through effective vulnerability management, incident response, bug bounty, security/privacy metrics tracking, and partnerships with engineering teams. You will use your technical security knowledge to successfully drive programs and earn trust from engineers. Reporting directly to the Chief Information Security Officer, you will lead, drive, and monitor programs and initiatives to empower our engineering teams in building secure infrastructure at scale. You will be expected to innovate and improve in the space.
Vulnerability Management Program: Take ownership of the vulnerability management program across all products and services. Identify, prioritize, and address vulnerabilities effectively to bolster our security measures.
Incident Response Process: Lead and manage the incident response process, engaging with teams, customers, and leadership. Ensure efficient and clear communications during incidents.
Bug Bounty Management: Collaborating with external security researchers to efficiently assess and categorize vulnerabilities, accurately gauge their impact, and uphold service level agreements (SLAs) during the engagement.
Security/Privacy Metrics and Reporting: Develop and track key security and privacy metrics company-wide. Use data-driven insights to continuously improve our security practices. Provide regular reports on security metrics, incidents, and the overall security posture to executive leadership and stakeholders.
Collaboration and Partnership: Work closely with software development and operations teams, enabling them to implement security and privacy initiatives seamlessly.
Secure and Privacy-Minded Solution: Collaborate with machine learning, search, product, infrastructure, data, and frontend teams to design elegant and secure solutions.
Risk Mitigation: Collaborate with all departments at Moveworks to understand business and technical risks, taking measures to reduce or mitigate them while enhancing our overall security and privacy posture.
Program Management: Efficiently manage complex and large-scale cross-team, cross-functional initiatives related to security and privacy.
Resource Management and Communication: Interface with engineering managers and engineers to estimate work efforts, define milestones, manage resources, and communicate progress to upper management and project stakeholders.
Obstacle Removal and Momentum: Proactively identify and remove obstacles, ensuring smooth progress. Handle issue escalations and support teams juggling competing priorities.
Results-Driven Approach: Demonstrate a proactive and results-oriented approach to achieve security objectives.