Security & Risk Management Program Manager*Hybrid in Horsham, PA

Conditions of Employment

• Must be a U.S. citizen to apply for this position.
• Must successfully pass a background investigation and achieve Public Trust security clearance.
• Must be located near the Horsham, PA location for a Hybrid onsite schedule.

• Strong program management experience leading complex, cross‑functional initiatives.
• Experience in information security, such as vulnerability management, risk management, GRC, or security operations.
• Understanding of vulnerability management lifecycle processes, including asset discovery, scanning, validation, prioritization, remediation, exception handling, and reporting.
• Proven ability to lead risk reduction or remediation initiatives across multiple technical teams.
• Experience developing executive reporting, metrics, risk records, meeting outputs, audit artifacts, and risk summaries.
• Strong stakeholder management and communication skills across technical and business audiences.
• Experience supporting audits, compliance reviews, evidence collection, or control validation activities.
• Familiarity with vulnerability severity models, CVSS, exploitability, asset criticality, exposure, compensating controls, and risk‑based prioritization.

• Security‑first mindset with strong business judgment.
• Ability to drive execution and accountability across distributed teams.
• Comfortable operating with ambiguity and executive visibility.
• Focus on measurable outcomes and continuous improvement.

• Own and evolve the enterprise vulnerability management program, including governance, operating model, and stakeholder alignment.
• Define and execute an integrated roadmap for vulnerability management and security risk reduction initiatives.
• Establish accountability, SLAs, and execution standards across security, engineering, and infrastructure teams.
• Lead cross‑functional risk reduction initiatives; manage timelines, dependencies, and escalation to ensure delivery.
• Drive prioritization based on risk exposure, business impact, and regulatory requirements.
• Align security, infrastructure, cloud, and application teams on remediation and risk reduction priorities.
• Lead risk acceptance and exception processes, including analysis, approvals, and lifecycle management.
• Maintain risk registers, treatment plans, and exception tracking aligned to business and compliance objectives.
• Ensure appropriate risk segmentation across commercial and government environments.
• Translate vulnerability and risk data into actionable insights for leadership decision‑making.
• Deliver executive‑level reporting on risk posture, remediation performance, and program progress.
• Define and track metrics to measure risk reduction effectiveness and execution performance.
• Ensure audit readiness through complete, traceable documentation and remediation evidence.
• Support regulatory and government requirements, including POA&M tracking and control validation.
• Partner with GRC and audit stakeholders to meet contractual and compliance obligations.

• Health Benefits:
  
  Comprehensive, multi‑carrier program for medical, dental and vision benefits.
• Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan.
• Wellbeing:
  Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time‑off Programs.
• Short‑and‑Long Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity.
• Family Benefits, including bonding and family care leaves, adoption and surrogacy benefits.
• Health Savings, Health Care, Dependent Care and Commuter Spending Accounts.
• Up to two days of paid leave each to participate in Employee Resource Groups and to volunteer with your charity of choice.

Work flexible hours – flexing the times when you work in the day to help you fit everything in and work when you are the most productive.

U.S. National Base Pay Range: $95,300 - $158,800. Geographic differentials may apply in some locations to better reflect local market rates. This job is eligible for an annual incentive bonus.

We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.