Program Manager - IAM/Security

The Fountain Group
Santa Clara, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
$ 208K

Job location

Remote
Santa Clara, United States of America

Tech stack

Software System Penetration Testing
Computer Security
Identity and Access Management
Salesforce
Software Vulnerability Management
Software Security
Functional Dependencies
Google Meet
Vulnerability Analysis

Job description

  • Day in the life: Program Manager usually start understanding right standups for the day, pull in right stakeholders, build agendas and host meetings, mitigate risks/scope adds, etc. Sometimes sync in Slack, sometimes Google Meet to drive conversations and identify next steps or escalate options. Once per week do status report on the overall program for stakeholders. Will monitor Slack channel activities related to the program., * As a senior level progra, management consultant, responsible for support of medium-large programs.
  • Own end-to-end security integration timeline, milestones, and deliverables across revelvant security domains (IAM, CSOC, Product Security, Infrastructure Security, FedRAMP, Vulnerability Management, Third Party Security, Enterprise Security, Compliance/GRC, Testing)
  • Drive weekly standups, status reporting, and executive communications
  • Maintain program plans, risk registers, and cross-functional dependencies with IT, Engineering, Legal, CorpDev, and Procurement
  • Partner with domain leads to define integration scope, timelines, and success criteria
  • Track security assessments (vulnerability scanning, pen testing, threat modeling, code audits) and uplift activities (log onboarding, EDR deployment, secrets remediation)
  • Ensure acquired company security posture meets Salesforce standards before product sales acceleration
  • Serve as primary security liaison to acquired company security and engineering leadership
  • Translate technical security requirements into business impact for executives
  • Present program status, risks, and mitigation strategies to Security Leadership Team and M&A steering committees
  • Identify, document, and escalate security integration risks and blockers with clear mitigation strategies
  • Navigate trade-offs between security readiness and business timelines (e.g., uMSA availability)
  • Establish exception processes and compensating controls when standard gates cannot be met
  • Develop security integration playbooks, templates, and runbooks based on lessons learned
  • Document security architecture decisions, contract content, and create handoff materials for operational teams post-integration

Requirements

  • Must have skills: Security domain - would like experience in cybersecurity programs. IAM, Threat & Vulnerabilities Management, SESOC (incident center response). Will understand acquired companies landscape to integrate into Salesforce tooling and processes. Assets to be onboarded, connect laptops to Salesforce domains, security and infrastructure domains knowledge necessary. M&A comes in a certain way - now asking them to change and adopt to Salesforce way. Great comms necessary. Also organizational skills. Strong Program Mgmt skills.
  • Nice to have: M&A experience., * Bachelor's Degree.
  • 5+ years of program management experience with a proven track record of delivering business value;
  • 4-6 years experience managing projects for security and merges and acquisitions;
  • 4-6 years experience successfully managing large programs with multiple sub-projects;
  • Understanding and ability to work in a matrix management environment;
  • Understanding the security and compliance processes

Apply for this position