Security Program Manager

Location: Remote (US-based, standard business hours with some early morning cross time zone collaboration)
Employment Type: Contract (40 hours per week; 6+ months)
Industry: Technology / Software / Cybersecurity
Level: Senior Program Manager / Security Program Manager
Compensation: $80-90 per hour (W2)

About the Role

We’re partnering with a rapidly scaling technology organization that is building out its security function and maturing its cybersecurity capabilities. The Security Program Manager will play a critical role in driving security program execution, establishing governance, and bringing structure to an environment without a formal PMO.

This is a high-impact role that works cross-functionally across Security, Engineering, R&D, and Compliance teams to move major initiatives forward, strengthen security posture, and operationalize security and compliance programs.

What You’ll Do

Security Program Management

• Lead cross-functional execution of cybersecurity initiatives including SOC transition, CNAPP/MDR programs, IAM/SSO rollouts, and incident response uplift.
• Mature security program processes with an eye toward progressing from low maturity to documented, defined, and repeatable practices.
• Build structure, templates, progress tracking, and governance mechanisms in an environment with limited existing PMO resources.

Incident Response & Operational Maturity

• Help define and operationalize core IR processes: central logging, outage and containment playbooks, system rebuild procedures, and continuity planning.
• Coordinate stakeholders across engineering, operations, and security to ensure processes are documented, tested, and maintained.

Compliance & Audit Enablement

• Support SOC 2 and ISO initiatives, including the transition from project-based execution to business-as-usual operations.
• Partner with internal teams and external tools/providers (e.g., automation platforms) to streamline evidence collection, monitoring, and program tracking.

Engineering & SDLC Integration

• Collaborate with distributed engineering teams to incorporate security checkpoints into the SDLC.
• Work effectively across both Agile and Waterfall delivery models.
• Drive alignment with product and R&D stakeholders where shared resources and competing priorities exist.

What We’re Looking For

Must-Have Experience

• 5–10+ years of security program or technical program management experience in a cybersecurity, SaaS, or technology organization.
• Demonstrated success in maturing security programs, improving operational processes, and standing up governance in low-maturity environments.
• Strong understanding of SOC operations, CNAPP/MDR tooling, IAM/SSO implementations, and incident response processes.
• Experience enabling or managing SOC 2, ISO 27001, or similar compliance frameworks.
• Ability to drive outcomes across cross-functional, shared-resource teams.
• Comfortable working with both Agile and Waterfall methodologies.

Nice-to-Haves

• Experience supporting CMMI, NIST CSF, or other maturity frameworks.
• Background partnering with globally distributed teams (India, East/West Coast).
• Familiarity with Drata or other compliance automation tools.
• PMP, CISSP, CISM, or other relevant credentials.

Why This Role Is Compelling

• Direct, meaningful impact on the security maturity of a growing organization.
• Opportunity to build foundational processes and governance from the ground up.
• Highly collaborative role with visibility across leadership, engineering, and GRC.
• Fully remote work environment with a strong focus on ownership and transparency.