Senior Program Manager, Information Security

Are you passionate about combining security strategy, hands-on technical work, and business impact? We're seeking a Senior Program Manager Information Security to own our client's cybersecurity posture and help shape secure, scalable operations across the organization. This high-visibility role partners with leadership, engineering, and DevOps teams to identify risks, strengthen defenses, and drive modern security practices in a cloud-first environment., * Serve as the primary hands-on security owner & executor plus support broader security & data privacy function

• Partner closely with IT Operations, Compliance, and Software Development teams, as well as cross-functional business stakeholders outside of IT
• Take ownership of information security, cybersecurity, data privacy & security controls across the organization
• Design, implement & maintain security controls, policies, standards, and procedures to mitigate evolving threats
• Identify, analyze, and respond to security vulnerabilities, threat vectors, and incidents in real time
• Lead incident response activities, including triage, investigation, containment, and remediation using logs, SIEM tools, and monitoring systems
• Monitor system activity and perform continuous evaluation of security posture and risk exposure
• Support secure application development by reviewing architectures, integrations, and DevSecOps practices
• Assist in implementing data loss prevention (DLP), privacy controls, and compliance requirements
• Administer and improve identity and access management controls using Microsoft Entra ID (Azure AD)
• Work with mature DevSecOps processes, ensuring security is embedded into CI/CD & deployment pipelines
• Document threats, vulnerabilities, and remediation strategies, and provide regular reporting to leadership
• Collaborate on physical security systems like access controls & related infrastructure (training provided)
• Participate in security system administration, monitoring, and operational support as needed
• Support training and awareness initiatives related to security best practices and DevSecOps adoption
• Transition from a hands-on individual contributor role into a future team leadership position, including people management as the function scales

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience)

• 5+ years of progressive experience in information security

• Strong program management and cross-functional leadership skills

• Proven experience working with cloud security, particularly within Azure environments

• Hands-on experience with Microsoft Entra ID (Azure AD)

• Solid understanding and practical application of DevSecOps principles and tooling

• Experience with security and vulnerability tools such as:

• SonarQube, Nessus, Nmap, Nexpose, Metasploit, Wireshark, GitLab, etc.

• Strong knowledge of security frameworks and standards:

• ISO 27001, NIST, SOC 2, COBIT, ITIL, PCI-DSS, SANS Top 20

• 100% paid medical, dental, and vision premiums for you and your qualifying dependents
• A 50% 401(K) match, up to the IRS maximum
• 20 days of PTO*, plus 10 paid holidays
• Family Support programs, including 8 weeks of Paid Primary Caregiver leave, adoption assistance & back-up childcare