
Senior Technical Program Manager, Security
Posted 1 hour ago

This is a fully remote position, open to applicants in the District of Columbia.
• Diagnose, prioritize, and enhance the maturity of the security program.
• Conduct a thorough assessment of the current state: pinpoint what is effective, what is developing, and what requires reconstruction.
• Create a prioritized, multi-quarter roadmap that aligns risk reduction with business realities—proactively, without waiting for a problem statement.
• Establish governance, ownership, and metrics that render the portfolio comprehensible and actionable for security leadership, engineering leadership, and executives.
• Maintain focus on outcomes—prioritizing results over activity or artifacts.
• Convert security requirements into engineering practices.
• Make security by design the default operational standard: implement shift-left practices, threat modeling, architecture reviews, and embed controls into team planning and delivery.
• Oversee the convergence of security necessities and engineering capabilities—facilitating progress on both fronts seamlessly.
• Eliminate obstacles that hinder alignment between security intentions and engineering execution.
• Cultivate habits and structures that endure beyond individual programs or initiatives.
• Manage the compliance landscape while remaining vigilant about genuine risks.
• Translate HIPAA, financial controls, and governance requirements into resilient programs that minimize actual exposure and scale—beyond merely satisfying milestone audits.
• Align compliance investments with the company’s future direction, not just its past.
• Develop evidence frameworks, metrics, and operational readiness that withstand scrutiny at scale.
• Proactively shape the AI security framework to preempt potential crises.
• Consolidate Aledade's stance on AI risk, guardrails, and governance as AI becomes integral to our operations and products.
• Construct the scaffolding—principles, review processes, accountability structures—that provides a framework for others to execute against.
• Operate decisively in an industry space that is still defining its parameters.
• Foster alignment across a complex, high-stakes intersection.
• Navigate the interface between security, engineering, compliance, legal, and finance—without managing any personnel directly.
• Minimize inefficiencies that hinder the effectiveness of subject matter experts by clearing the path for them.
• Highlight practices that are becoming normalized when they should not be—such as deferred risks, unmentioned gaps, and programs that exist solely on paper.
• Drive evidence-based decision-making that endures—from architecture through development to executive risk assessment.
• Exhibit full-stack program leadership: equally adept in architecture reviews, compliance audits, risk discussions with the CTO, and sprint planning with engineering teams.
• 10+ years of experience in technical program management at a Staff-level scope—managing cross-organizational, ambiguous, high-stakes security initiatives.
• Extensive fluency in security domains: frameworks, controls, HIPAA and financial obligations, risk management—and their implications for engineering decisions.
• Strong technical judgment capable of questioning the status quo, challenging architectural choices, and discerning real risks from inherited noise.
• Proven history of transforming security programs—enhancing maturity, bridging gaps, and aligning programs with business trajectories.
• Ability to influence without authority among senior security, engineering, compliance, and executive stakeholders.
• Strong outcome orientation focused on risk reduction and program maturity.
• Flexible work schedules and remote work options available for many roles.
• Health, dental, and vision insurance coverage up to 80% for employees, dependents, and domestic partners.
• Comprehensive time-off policy (21 days of PTO in your first year).
• Two paid volunteer days and 11 paid holidays.
• 12 weeks of paid parental leave for all new parents.
• Six weeks of paid sabbatical after six years of service.
• Educational Assistance Program and Clinical Employee Reimbursement Program.
• 401(k) plan with up to 4% matching.
• Stock options.
• And much more!