Principal Technical Program Manager - InfoSec

View full description

Requirements:

• 7+ years of experience in security architecture and governance, risk management, IT compliance, IT audit, or related areas.
• Deep expertise in security architecture review and design.
• Extensive experience in threat modelling, network engineering, network security, threat and vulnerability management, database security, SDLC, and release management.
• Thorough understanding of widely recognized security architecture frameworks, including TOGAF (The Open Group Architecture Framework), NIST Cybersecurity Framework, and SABSA (Sherwood Applied Business Security Architecture).
• Experience with cloud technologies and environments, especially in evaluating and implementing security controls for Infrastructure as a Service (IaaS).
• Deep understanding of exception handling, risk management processes, and their practical application within security and governance frameworks.

Responsibilities:

• Manage and optimize processes, structures, and policies that align IT resources with organizational goals, ensuring efficient management and control of resources.
• Collaborate with key stakeholders to advance governance initiatives and guarantee continuous compliance with industry-leading security standards and frameworks, acting as a subject matter expert on security architecture frameworks and governance, offering guidance and maintaining documentation for team processes.
• Address roadblocks, manage escalations, and offer regular updates to leadership while balancing business needs with security constraints.
• Lead strategic planning initiatives to improve security and operational efficiency, fostering collaboration among teams and encouraging ongoing team development.
• Guide teams to adopt process improvements and automation techniques while supporting security architecture enhancements as needed.
• Stay informed about changes in regulatory environments and ensure the timely implementation of relevant security measures.