Cribl is a remote-first company that empowers its employees to do their best work while putting customers first. The Senior Technical Program Manager will partner with product, engineering, and GRC teams to manage cross-functional security programs and operationalize compliance initiatives.
Responsibilities:
- Drive and support compliance-aligned initiatives across product and engineering teams, including the tracking of control health & ownership, evidence management and assessment readiness for ProdEng
- Translate compliance requirements into actionable engineering stories, epics or acceptance criteria
- Partner with leads in product and engineering to embed security requirements into workflows
- Collaborate closely with other leaders to ensure alignment across cross-functional teams and achieve company-wide goals
- Maintain dashboards or metrics for engineering control maturity, open vulnerabilities and readiness actions
- Facilitate readiness reviews and prep sessions ahead of external assessments to ensure alignment between Product and Engineering artifacts and compliance narratives
- Identify areas where automation or tooling could improve execution
- Regularly communicate status, blockers and key risks
- We are a remote-first company and work happens across many time zones; you may occasionally be required to perform duties outside your standard working hours
Requirements:
- Bachelor's degree in Computer Science, Information Systems or related discipline (or equivalent work experience)
- 5+ years of experience in technical program management or information security
- Experience collaborating on complex programs or solutions that span different groups within an organization
- Strong verbal and written skills as well as the ability to present to all levels in an organization
- Experience influencing engineering teams in the development of systems, solutions, and products
- Solid understanding of secure SDLC, risk management and cloud security principles
- Strong familiarity with NIST 800-53, FedRAMP and privacy regulations, especially in product or engineering contexts
- Hands-on experience with Jira or Confluence and experience with common software development tools (e.g. GitHub, Bitbucket, Jenkins) and public cloud technology (e.g. AWS, Azure, etc.)
- Solid experience managing or supporting FedRAMP Authorization packages
- Ability to turn compliance activity into business value
- Experience supporting compliance readiness within SaaS or cloud-native product engineering teams
- Exposure to TPM workflows (e.g. sprint management, risk reporting, dependency tracking)
- Industry-relevant certification (e.g. Security+, AWS Cloud Practitioner, CISSP, etc.)