Security Program Manager

Description:

As ai integral part of the team, the security program manager, you will be responsible for planning, executing, and monitoring security projects and initiatives across our organization. You will work closely with security engineers, analysts, and stakeholders to ensure that our security goals and objectives are met. You will also oversee the security risk management process, conduct security audits and assessments, and report on security metrics and performance.

The ideal candidate is a collaborative team player who can influence and collaborate with a team of security and technology professionals to ensure organizational goals are met in budget and on time; a collaborating partner who is believes in teamwork.

Responsibilities

· Manage the security project portfolio and ensure alignment with the security strategy and roadmap.

· Coordinate and communicate with security teams and stakeholders on project scope, deliverables, status, and issues.

· Track and report on security project progress, budget, resources, and risks.

· Facilitate the security risk management process, including identification, analysis, mitigation, and reporting of security risks.

· Conduct security audits and assessments to evaluate the effectiveness of security controls and compliance with security policies and standards.

· Perform and oversee static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) to identify and remediate security vulnerabilities in the software development lifecycle.

· Manage the pentest results and ensure that the findings are properly validated, prioritized, and resolved.

· Prepare and present security reports and dashboards to senior management and stakeholders.

· Provide guidance and support to security teams and stakeholders on security best practices, processes, and tools.

· Assist with the proof of concept and implementation of new security products and solutions.

Qualifications

· Bachelor's degree in computer science, information security, or related field, or equivalent work experience.

· At least 5 years of experience in security project management, security risk management, or security consulting.

· Strong knowledge of security frameworks, standards, and best practices, such as NIST, ISO, PCI, etc.

· Proficient in security project management tools and methodologies, such as Agile, Scrum, Kanban, etc.

· Excellent communication, collaboration, and problem-solving skills.

· Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) certification is a plus.

· Project Management Professional (PMP), Certified Scrum Master (CSM), or Certified Project Management Practitioner (CPMP) certification is preferred.

· Experience with SAST, DAST, and SCA tools and techniques is highly desirable.

· Experience with pentest tools and methodologies is a plus.

· Experience with evaluating and implementing new security products and solutions is a plus.