Principal Technical Product Manager, DevSecOps
United States of America
Full Time
1 hour ago
$148,000 - $205,000 USD
H1B Sponsor Likely
Key skills
AWSAzureGCPTerraformAnsibleCloudFormationSDLCCI/CDCloud Security
About this role
Prescryptive Health, Inc. is a healthcare technology company focused on enhancing access to prescription drugs. They are seeking a Principal Technical Product Manager to lead the strategy and delivery of their secure software supply chain, ensuring security is integrated into their platforms and driving cross-functional programs across engineering and product development.
Responsibilities:
- Own the DevSecOps roadmap
- Define and execute the strategy for integrating security across our SDLC — SAST, DAST, dependency scanning, secrets detection, container security — ensuring controls are comprehensive without becoming delivery bottlenecks
- Lead complex, cross-functional programs
- Manage a portfolio of interdependent security and infrastructure initiatives
- Map dependencies, hold delivery cadences accountable, and escalate the right things at the right time
- Build paved roads
- Design shared pipeline templates, hardened base images, and reusable IaC modules that embed security as a default — reducing cognitive load on developers and eliminating per-team reinvention of compliance
- Own risk and compliance
- Maintain a clear view of technical security risk across your portfolio
- Keep teams continuously audit-ready against relevant frameworks (SOC 2, ISO 27001, HIPAA, HITRUST) through automation, not heroics
- Communicate across all levels
- Translate security risk into business language for executives, and compliance requirements into engineering priorities for teams
Requirements:
- 8+ years in technical program management, software engineering, DevOps, or security engineering — with at least 3–4 years at the principal or staff level
- Demonstrated impact leading security programs at scale — spanning 5+ engineering teams or 200+ engineers — with measurable outcomes such as reduced vulnerability remediation time, improved audit pass rates, or accelerated security review cycles
- Technical credibility. You've worked in or alongside software or infrastructure engineering. You understand CI/CD pipelines, cloud security architecture (AWS, Azure, or GCP), IaC (Terraform, Ansible, or CloudFormation), and security tooling well enough to earn trust from senior engineers — not just facilitate their conversations
- Program management at scale. You've led large, ambiguous, multi-team programs from definition through delivery. You're comfortable with dependency mapping, risk registers, and milestone accountability across organizations with competing priorities
- Influence without authority. You know how to align teams that don't report to you, build consensus across organizational boundaries, and drive change in environments where security isn't always the top priority
- Executive presence. You make complex technical risk legible to non-technical stakeholders and can hold your own in architecture discussions with senior engineers in the same meeting
- Hands-on engineering background strongly preferred
- Relevant certifications a plus: CISSP, CCSP, AWS/Azure/GCP Security Specialty, SAFe Program Consultant