Security Program Manager

3+ years in an information security role. Broad knowledge of security best practices, frameworks, control types, and relevant technologies. Ability to understand client infrastructure and map security controls to meet compliance goals. Strong analytical skills to evaluate environments and determine appropriate safeguards. Excellent verbal and written communication skills. Self-driven with the ability to work independently and move fast in a startup environment. Willingness to go the extra mile to meet tight deadlines and deliver results.

Conduct initial consultation calls with new clients to assess their current security posture, infrastructure stack, compliance requirements and overall objectives. Provide guidance and recommendations for improving client security posture. Develop high-level security programs consisting of technical, operational and administrative controls based on industry frameworks and client needs. Collaborate with clients to customize and refine the security program to match their specific use cases. Communicate with clients and stakeholders to ensure smooth and efficient security program creation. Liaise with auditors to ensure clients' security programs align with auditors' expectations. Maintain expertise across a range of security frameworks, control types, and technologies including NIST, SOC2, ISO27001, CMMC, AWS, Azure, GCP, Kubernetes, Docker, Terraform, and more. Provide feedback to Oneleet's engineering team to inform development of integrations, solutions, and products that deliver on client needs. Be highly technical, learn new technologies quickly, and translate security concepts into implementations. Partner with internal teams to translate security programs into implementations consisting of policies, procedures, configurations and software integrations.