More jobs:
Security Program Manager
Job in
Harrisburg, Dauphin County, Pennsylvania, 17124, USA
Listed on 2026-07-12
Listing for:
Vertex, Inc.
Full Time
position Listed on 2026-07-12
Job specializations:
-
IT/Tech
IT Project Manager, Information Security, Cybersecurity
Job Description & How to Apply Below
Job Description
We’re hiring a Security Program Manager to serve as the operating backbone of the Office of the CISO. This senior individual contributor role connects people, programs, and priorities across a complex enterprise and uses AI tooling to multiply impact.
Responsibilities- Run the Security Operating System:
Own the operating cadence of the CISO function – weekly staff meetings, monthly program reviews, and quarterly business reviews. - Produce the recurring decision‑grade CISO report (executive summary, OKR scorecard, KPI scorecard, portfolio milestones, decisions required).
- Maintain a single portfolio view across all security programs with clear stage gates, owners, and forecasts.
- Drive meeting preparation, documentation, stakeholder communication, and follow‑through so leadership can focus on judgment calls, not coordination.
- Own the OKR, KPI, and Metrics System:
Run the quarterly OKR lifecycle across all security teams; define, align, health check, and score. - Ensure each Key Result has a baseline, target, owner, measurement method, and confidence level.
- Maintain a KPI dictionary with definitions, formulas, systems of record, thresholds, and cadence covering posture, program delivery, and team execution KPIs.
- Lead monthly trend analysis and tie outcomes back to security and business objectives.
- Own end‑to‑end delivery of security programs (risk management, vulnerability management, security awareness, product onboarding, M&A security execution, incident readiness, and compliance initiatives).
- Act as primary liaison between Security and Engineering, IT, Product, Legal, Privacy, Finance, People, Sales, and Customer Success.
- Manage cross‑team dependencies, decision logs, and enforce escalation SLAs and stage gates with a small, senior, expert team.
- Build Executive & Board Communications:
Build recurring deliverables for executive leadership, audit committee, and board updates; translate technical security and AI governance topics for non‑technical audiences; produce decision‑grade options memos. - Multiply output through deliberate AI use:
Use AI tooling daily for status synthesis, dashboard refresh, meeting recaps, draft communications, evidence collection, and audit response prep; identify and execute automation opportunities.
- 7+ years of progressive program or portfolio management experience, with 4+ years dedicated to information security, GRC, or product security programs in a SaaS or cloud environment.
- Proven track record running OKR/KPI operating systems for security or technology leaders, including executive‑ready reporting.
- Direct experience coordinating across GRC, Product/Application Security, Security Operations, Incident Response, and emerging AI security and governance functions.
- Demonstrated ability to operate as connective tissue across Engineering, Legal, Product, IT, Finance, and Sales – leading through influence rather than authority.
- Mastery of program management tooling—Jira, Confluence, Service Now, Smartsheet, PowerPoint, Excel/PowerBI.
- Strong executive written and verbal communication; ability to produce concise, structured, dashboard‑style one‑pagers and decision memos.
- Comfortable enforcing operating discipline (cadences, stage gates, escalation SLAs) in a small, senior, expert team.
- Bias for action, ownership, and outcome—not activity.
- AI literacy: hands‑on daily use of AI tooling in your own workflows; understanding of AI security concerns (model risk, data leakage, prompt injection, third‑party AI vendor risk, Shadow AI, AI guardrails, and Responsible AI principles).
- PMP, PgMP, or equivalent program management certification.
- CISSP,CISM,CRISC, or CISA (one strongly preferred).
- AI Governance certification (e.g., IAPPAIGP, ISO
42001
Lead Implementer).
- Communicate with Clarity – be clear, concise and actionable; relentlessly constructive; provide meaningful feedback.
- Act with Urgency – adopt an agile mentality; frequent iterations; 80/20 rule.
- Work with Purpose – exhibit a “We Can” mindset; results outweigh effort; prioritize team results over personal objectives.
- Drive to Decision – cut the swirl with defined deadlines and…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×