
Technical Program Manager, Product Security
Posted Jun 20

This is a fully remote position, open to applicants in Canada.
• Take ownership of the complete remediation process, from validated findings to fix verification. Establish and enforce service level agreements (SLAs) based on severity, monitor progress across engineering teams, escalate aging findings, and facilitate the resolution of blockers.
• Manage third-party penetration tests, including scoping, scheduling, vendor coordination, finding intake, and tracking through remediation. Oversee the operational aspects of the bug bounty program, ensuring that researcher submissions are acknowledged, triaged, validated, and resolved within agreed timelines.
• Develop and sustain security kanban boards that provide comprehensive visibility into vulnerability status for the entire organization: internal findings, penetration test results, bug bounty submissions, and security exceptions. These boards serve as the definitive source of truth, allowing engineering teams to understand their responsibilities, security leadership to gauge posture, and Customer Trust to have necessary information for customer interactions.
• Leverage Claude and other LLM platforms to automate finding intake and routing, generate status reports, identify at-risk SLAs, draft communications for stakeholders, and highlight patterns that suggest systemic issues. Focus your efforts on judgment and coordination by allowing AI to manage repetitive tracking tasks.
• Manage the security exception process, which includes intake, risk documentation, approval routing, time-bound tracking, and enforcement of expiration. When an engineering team requests an exception, ensure that it is documented with clear risk context, reviewed by the appropriate parties, and actively monitored until expiration.
• Oversee Product Security metrics, including mean time to remediate, SLA compliance, finding aging, exception counts, recurrence rates, and product coverage. Create reports that cater to the VP (portfolio posture), engineering leaders (team-specific queues), and Customer Trust (defensible data for customer security evaluations).
• Collaborate with Engineering and Product Management on remediation prioritization and release planning. Work alongside Customer Support and Customer Trust on vulnerability status for customer inquiries and security questionnaires. Partner with Cyber Defense on findings that span product and infrastructure boundaries. Keep Security Architects and Product Security Engineers aligned on remediation progress.
• A minimum of 5 years in Technical Program Management, Security Program Management, or a comparable role leading cross-functional security initiatives.
• Proven experience managing vulnerability management processes end to end, including intake, triage, tracking, SLA enforcement, exception management, and reporting.
• Experience coordinating penetration tests, bug bounty programs, or external security assessments, and successfully driving findings through remediation across multiple engineering teams.
• Practical experience utilizing LLM platforms (Claude, OpenAI, or similar) to automate program management workflows such as reporting, triage routing, status tracking, or stakeholder communications.
• Strong stakeholder management skills that enable effective communication with both technical and non-technical audiences. Capable of driving an engineering team to meet SLAs, briefing a VP on portfolio risks, and providing Customer Trust with necessary information for customer calls.
• Experience in creating and maintaining tracking systems (Jira, kanban boards, dashboards) that act as a reliable single source of truth.
• A solid understanding of security vulnerabilities, allowing for credible discussions regarding severity, risk, and remediation priorities, as well as evaluating the technical soundness of pushback from engineering on findings.
• Health insurance
• 401(k) matching
• Paid time off
• Flexible work arrangements
• Professional development opportunities
Arcetyp LLC