Information Security Program Manager
The Information Security Program Manager supports and provides coordination for the Information Security Program and projects portfolio. This includes tracking operational status of programs and projects across the portfolio, and program level risk management. The program manager will gather data from various sources and use it to create and maintain Information Security performance indicators, reports, and dashboards for the program and projects.
The Information Security Program Manager is responsible for helping to ensure that programs, projects and initiatives are defined, planned, tracked and communicated in a consistent manner. This will be achieved by partnering with various teams within the organization to drive consistency and lead delivery through following established methodologies and good practices. The program manager will be a change leader within Information Security, collaborating with stakeholders.
- Help facilitate coordination of efforts within InfoSec and across Tenable teams to identify and address security issues
- Identify and aggregate key metrics to measure security program performance, health, organization risk, and activities
- Develop and manage security and compliance dashboards and reports for internal stakeholders
- Help facilitate risk assessments, maturity assessments, and evaluation of controls and measurements against policies, standards and processes
- Help drive development and performance of consistent PM standards within Information Security
- Collaborate with Information Security leaders to identify and plan projects and initiatives
- Partner with and share information with other groups within Tenable (Sales, Legal, Finance, IT)
- Help coordinate the financial, operational and administrative aspects of the program performance (i.e. contractual, administrative, deliverables, metrics and finances)
- Work with functional leads to support projects that span across multiple functions
- Ensure policies and procedures are met when sourcing, managing, and maintaining projects or programs
- Coordinate and develop information security communications to include awareness, internal security website and security newsletters
What You'll Need:
- Minimum 5 years of experience managing programs, vendors, suppliers, and technology and process implementations
- Manage relationships with 3rd party vendors and function as the escalation point
- Experience undergoing or performing technical audits for SSAE16/18 SOC2 or SOX
- Strong knowledge of project and program management fundamentals and PMO practices
- Familiar with DevOps and Agile principles, processes, and technologies
- Understanding of modern web-based applications and architecture, including cloud infrastructure
- Able to quickly and effectively understand business strategies, challenges and priorities
- Experience developing formal documentation including policies
- Experience in information security control assessments, audit, or compliance
- Big 4 consulting experience in governance, security, or compliance
- Experience building dashboards and reporting in business intelligence platforms such as Tableau
- Familiar with ISO27001, NIST CSF, CSA CCM and other information security related standards and frameworks
- ITIL, PMP, CISSP, CISA certifications
- Experience with GRC solutions
If you’ve reached this point in the job description and feel you’re still not sure if you should apply…Just do it! We know there are no perfect applicants. You may not have 100% of all those bullets listed above - and that’s okay. If you’re feeling like you’re not going to fit in with our teams - that’s not ok. We're One Tenable which means however you identify and whatever background you bring with you, we encourage you to submit an application if it’s a role you can be passionate about doing every day.
We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels.