Technical Program Manager - Security
$137,172 - $137,172/Yr
Fivetran - Denver, CO
posted 23 days ago
Full-time - Mid Level
Denver, CO
Publishing Industries
About the position
Fivetran is seeking a high-performance Technical Program Manager (TPM) with a focus on security to lead and manage security-related initiatives across the organization. This role involves collaborating with cross-functional teams to ensure the successful planning, execution, and delivery of security programs, acting as a bridge between technical teams and business stakeholders to align with organizational goals while mitigating security risks. The TPM will work in a multi-cloud environment and will be responsible for enhancing security processes and tools.
Responsibilities
- Lead the execution of the security vulnerability management program for engineering, including infrastructure, code, and dependency vulnerabilities.
- Collaborate with Security and Engineering teams to identify, prioritize, and patch vulnerabilities, ensuring effective delivery of security fixes.
- Enhance processes by evaluating tools, recommending improvements, and driving automation for faster resolution.
- Analyze and streamline security issues using tools like Prisma and Snyk through filtering, deduplication, and automation.
- Establish and lead a code scanning program in collaboration with infrastructure, engineering, and security teams.
- Dedicate up to 20% of time to assess business systems for vulnerabilities and compliance gaps, developing a scanning and detection plan.
- Advocate for tools and solutions that support shift-left strategies in the development lifecycle.
Requirements
- Over 5 years of experience in technical program management with a strong focus on security engineering, vulnerability management, cloud security, and application security.
- Proficient in applying program management methodologies, tools, and best practices to deliver complex security initiatives.
- Exceptional skills in prioritization, organization, and multi-tasking to manage multiple programs effectively.
- Proven ability to work collaboratively with cross-functional teams including product teams, SRE/QE engineers, and developers.
- Deep understanding of key security domains, including application/infrastructure security, data privacy, threat modeling, and secure software development lifecycle (SDLC).
- Strong grasp of security concepts such as network security, encryption, authentication, and authorization.
- Hands-on experience with SAST/DAST tools, agent-based firewalls, IDS/IPS technologies, and automation tools for security orchestration.
- Proficient in researching and validating vulnerabilities while proposing effective remediation or mitigation strategies.
- Strong familiarity with OWASP principles and best practices for securing web applications.
Nice-to-haves
- Up-to-date knowledge of market trends, emerging technologies, and best practices in cloud security.
- Strong analytical, problem-solving, and communication skills to address security challenges.
Benefits
- 100% employer-paid medical insurance
- Generous paid time-off policy (PTO), plus paid sick time, inclusive parental leave policy, holidays, and volunteer days off
- RSU stock grants
- Professional development and training opportunities
- Company virtual happy hours, free food, and fun team-building activities
- Monthly cell phone stipend
- Access to an innovative mental health support platform for personalized care and resources.
