FirstMile Ventures
FirstMile Ventures

Technical Program Manager, Security

Swirlds Labs

Swirlds Labs

IT, Operations
Posted on Thursday, January 4, 2024

About Swirlds Labs:

We are a fast-growing company built around a revolutionary technology — the hashgraph consensus algorithm. Hedera Hashgraph is well-suited to become the world’s first mass-adopted distributed public ledger because it is blazing fast, highly secure, and ensures fairness. We are on a mission to create a trusted and empowered digital future for everyone; a cyberspace where you work, play, buy, sell, create, and engage socially; where you have safety and privacy in your digital communities; where you feel confident when interacting with others; where you own and control your information. Join us and say, “Hello future.”

About The Role:

We are seeking a Technical Program Manager possessing a balance of Security, Software Engineering, Product, and Technical Program Management skills to join our Security Team. Reporting directly to the Senior Manager of Program Management and Security Strategy, you will play a key role in managing internal and external cross-functional projects and programs within the realms of security compliance, requirements, product security, change management, and release train management for our cross-functional product and engineering teams. Your expertise will be crucial in coordinating efforts across various departments, ensuring alignment with roadmap planning, SDLC processes, execution, and reporting. You should have hands-on experience with agile methodologies as well as security best practices (NIST, ISO 27001, CISSP, etc.). Working proactively with business and/or third-party partners, you will also ensure security objectives are met and integrated successfully into the organization.

You may find yourself doing all of the following:

  • Providing technical program management expertise across methodologies including Agile, Waterfall, etc., adapting approaches as necessary to meet project needs
  • Collaborating with cross-functional teams to design, plan, and execute projects related to security requirements, compliance, change, and release management for IT, DevOps, and engineering
  • Communicating effectively with stakeholders across departments, providing clear updates on roadmaps, release plans, status/progress, and potential impacts or blockers
  • Overseeing the entire change management & Change Advisory Board (CAB) processes, ensuring compliance with internal policies and external regulations. This includes reviewing, authoring, and updating change management plans, policies and procedures
  • Managing the Change Review Process: Assessing, prioritizing, and scheduling IT and/or security changes
  • Overseeing and coordinating the release train, ensuring seamless integration between IT, engineering, and security compliance
  • Ensuring releases meet regulatory compliance standards and incorporate necessary security measures as well as manage risk assessments
  • Collaborating closely with teams to continuously improving security posture
  • Utilizing an OKR Framework/Mindset, gathering, reporting on and analyzing KPIs, performance metrics, and incorporating feedback for enhancements and improvements
  • Collaborating on application security reviews, providing SDLC guidance to cross-functional teams
  • Managing intake, cadences, design, and complex business and technical requirements gathering sessions, communicating potential security risks to technical or non-technical stakeholders
  • Managing and Maintaining comprehensive records of changes, decisions, and actions taken. Ensuring documentation is compliant with regulatory and organizational standards

Qualification Requirements:

  • Bachelor's degree in Computer Science, Information Technology, or relevant field
  • Proven experience (3+ years) as a Technical Program Manager or similar role within a technology-driven environment, preferably in Security, Web3, blockchain, or related industries
  • Strong understanding of software development processes and methodologies
  • Expertise in various security frameworks and compliance regulations
  • Proven track record of managing security in a product development environment
  • Excellent leadership and team management skills
  • Strong communication and interpersonal abilities

Other skills that are great to bring with you but that we can help you develop:

  • Certifications such as CISSP, CISM, or similar
  • Experience with cloud security, application security, and network security
  • Familiarity with DevSecOps practices
  • Familiarity with Change Advisory Board (CAB) methodologies and procedures
  • Familiarity with and the assisting in creating and delivering training materials and documentation
  • Strong familiarity or experience with in web3, blockchain
  • Release train management and required security compliance & integration