Job Closed
This listing is no longer active.
Search and sample materials from hundreds of leading brands. Order by midnight, receive by 10:30am.
Senior Program Manager, Information Security
Location
United States
Posted
128 days ago
Salary
0
Seniority
Senior
Job Description
Senior Program Manager, Information Security
Material Bank
• Lead and mature Material Bank’s enterprise information security program through a multi year roadmap aligned to business strategy, growth, and global expansion. • Establish and maintain security policies, standards, and operating procedures that scale across cloud platforms, applications, data, and emerging technologies, including AI. • Own the security risk management framework, including risk identification, scoring, acceptance, tracking, and executive reporting, supported by a maintained risk register and clear visibility into trends and remediation status. • Define and track security metrics and KPIs that demonstrate program effectiveness, predictability, and maturity. • Own audit, compliance, and assurance efforts, including SOC 2 Type I and progression to Type II, ensuring controls are implemented, evidence is maintained, and audits remain repeatable and low friction. • Lead customer security questionnaires and enterprise assurance requests in partnership with Legal, IT, and Engineering. • Support privacy and regulatory obligations, including GDPR, ROPA inventories, and regional data requirements. • Define and enforce security requirements for AWS infrastructure using native cloud security services and guardrails. • Establish application security standards across internal and customer facing platforms, including secure SDLC practices, penetration testing, and remediation accountability. • Conduct security assessments for new systems, architectures, and major platform changes. • Own identity and access management strategy, including SSO, role based access, provisioning, and periodic access reviews. • Establish enterprise wide data classification and data handling standards. • Ensure access and data protection controls scale with growth and global expansion through partnership with IT, Engineering, and platform owners. • Own detection, incident response, and resilience strategy, including playbooks, third party incident response coordination, post incident analysis, security monitoring, alerting, and continuous improvement. • Support disaster recovery and business continuity planning from a security perspective, including tabletop exercises and recovery documentation. • Own the security technology stack, including endpoint protection, vulnerability management, monitoring, and security awareness tooling. • Evaluate, select, and manage security vendors for effectiveness and cost efficiency. • Directly implement and remediate security controls, configurations, and tooling gaps when risk, timing, or dependency constraints require hands on execution. • Leverage automation and AI assisted workflows to operate efficiently as a one person function. • Perform vendor security reviews, ongoing third party risk monitoring, remediation tracking, and executive risk acceptance.
Job Requirements
- 8+ years of experience in information security, security engineering, or security program leadership.
- Direct ownership of SOC 2 or comparable assurance frameworks, including implementation, remediation, and sustained operation.
- Strong working knowledge of AWS cloud security, identity and access management, application security, and incident response.
- Demonstrated ability to operate independently with high accountability and limited resources.
- Proven ability to define strategy while executing hands on remediation when needed.
- Strong judgment in prioritizing risk and making pragmatic tradeoffs aligned to business needs.
- Ability to communicate security risk clearly to both technical and non technical stakeholders.
- Experience building security programs that scale globally without requiring a traditional security organization.
Benefits
- Our people: We are a growth-driven team that values efficiency, builds smart automation, operates in small empowered teams, and moves quickly from idea to execution.
- Relaxation and Celebrations: Flexible PTO, Sick Days, Paid National Holidays, and even more (ask us about this when we connect).
- Health Benefits: We contribute to your medical, dental, vision and short-term/long-term disability plans and have a strong employee assistance program.
- Plan for your Retirement: 401(k) eligible after your first 90 day's employed!
- Giving Back: We sponsor multiple events throughout the year to help out our communities.
- Growth: We’ll help you take your career to the next level. We want you to be creative and take initiative which will allow you to grow and create within the company. Most importantly, be the best at what matters!
- Flexible Work Schedules: With business units and employees across the globe, Material Technologies has embraced a hybrid working model allowing department leaders to decide on the best approach for their respective teams, whether that be remote, in person, or a little of both.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Learn, understand, and be a leading example of the ProDriven Brands ‘We Are One’ company values • Implement strategies, communicate product knowledge, and conduct training to maintain a pipeline focused on meeting or exceeding regional sales objectives, conversion dollars, and other KPI for the region • Establish and grow a network of Safety Directors, End Users, Distributors, and Regional Safety Personnel to drive sales across the region • Establish and deepen relationships with top distributors stocking Werner Fall Protection, Climbing, and Jobsite – working alongside them weekly to grow sales • Responsible for achieving the annual Regional End User Conversion Dollar target • Responsible for the development and consistent maintenance of the End User Opportunity Pipeline • Work closely with the Regional Sales Manager to align strategy • Provide Safety and Product information – Subject Matter Expert and first POC for questions • Promote the education and usage of our online training tools • Support events throughout the year • Lead regional teams with selling new product offerings, safety materials, and competitive comparisons
Manager, Security Governance, Risk and Compliance
ANP Advanced Network Products, Inc: A Coretelligent CompanyPhiladelphia's Cloud-First Managed IT Service Provider
• Serve as the primary vCISO and subject matter expert for multiple clients, advising executive stakeholders on cybersecurity strategy, risk management, compliance requirements, and security best practices • Lead data-centric cybersecurity programs aligned to business risk, including risk assessments, gap analyses, remediation roadmaps, and ongoing security posture management • Pivot the GRC team away from manual processes by integrating AI tools and automation workflows into day-to-day operations and client deliverables • Develop, review, and maintain client security policies, procedures, business continuity plans, and governance documentation tailored to regulatory and business needs • Review and interpret audit results, vulnerability assessments, and security reporting to identify threats, prioritize remediation, and reduce organizational risk • Design and facilitate tabletop exercises and lead Third Party Risk Management initiatives to strengthen client preparedness and vendor security oversight • Manage, mentor, and develop vCISO team members through onboarding, coaching, performance feedback, escalation support, and career development • Oversee vCISO service delivery quality across accounts, ensuring consistent documentation, communication standards, and client satisfaction • Collaborate cross-functionally with Security Operations, Compliance, Professional Services, and Account Management to align advisory recommendations with deliverable services • Identify opportunities to expand vCISO engagements, contribute to service improvements and templates, and stay current on cybersecurity threats, technologies, and regulatory changes • Partner with the VP of Cybersecurity to secure the Coretelligent environment.
• Deliver complex projects with multi-department dependencies and evolving requirements. • Lead and enhance product security IT infrastructure administration, operational processes, and compliance controls. • Oversee system administration, service delivery, and incident, change, and problem management processes. • Collaborate with cross-functional teams to establish operational standards, define service delivery expectations, and ensure seamless integration across departments.
Managed Service Lead, Cybersecurity
BiogenBiogen is a global biotechnology company that discovers, develops, manufactures, and markets life-saving treatments for people with neurological, autoimmune, an
• Lead continuous service evaluation and improvement initiatives, collaborating with stakeholders to identify and remediate service line and technology issues. • Own and drive service improvement plans, managing timelines, deliverables, resource allocation, change management, and stakeholder engagement. • Work cross-functionally to manage risk and troubleshoot within complex infrastructures, maintaining command over major incidents affecting core service lines. • Ensure compliance with regulatory requirements such as SOX and GxP by maintaining thorough documentation, including runbooks, policies, and procedures. • Develop and manage talent within your team, fostering a culture of success and growth. • Implement lasting solutions and services for multiple stakeholders, demonstrating a proven track record of customer success outside traditional IT and Cyber organizations.
