The Technical Program Manager position is a critical role within our organization, responsible for bridging the gap between engineering, operations, security, and program management. This role combines the essential functions of managing security policies & processes, ensuring compliance, and continually improving them so they can be followed efficiently by the product development team. The Technical Program Manager will play a pivotal role in making a positive impact on our overall security posture.
Responsibilities:
- Security Management:
- Ensure adherence to Guidewire’s comprehensive security policies, procedures, and guidelines.
- Implement and enforce security measures across teams to protect the organization's digital assets and sensitive data.
- Regularly assess gaps in policies, process and procedures while recommending appropriate solutions.
- Collaborate with PDO teams to ensure security is integrated into operational project lifecycles.
- Program Management:
- Liaison between PDO and the Security team when evaluating and implementing new security tools.
- Manage cross functional teams to execute security related projects.
- Operational Responsibilities:
- Ensure that operational teams work in accordance with established security policies and procedures.
- Conduct regular reviews and assessments to verify compliance with security policies across the organization.
- Provide guidance and training to teams on security best practices and policy adherence.
- Identify and address any operational challenges or gaps related to security policy implementation.
- Roll up your sleeves and help with these gaps where possible.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field. A Master's degree or relevant certifications (e.g., CISSP, CISM, PMP, CAPM) is a plus.
- Proven experience in security management and compliance, with a strong understanding of industry regulations and standards.
- Project management experience, including planning, execution, and reporting of audits or related projects.Strong analytical and problem-solving skills, with the ability to prioritize tasks and meet deadlines.
- Excellent communication skills and the ability to collaborate effectively with cross-functional teams.
- Attention to detail and a commitment to maintaining the highest standards of security and compliance.
- Knowledge and hands-on experience in: Cybersecurity risk and control assessments Technology vendor risk assessment Threat modeling & hunting Vulnerability management Security Operations Center (SOC)
- Good understanding of cloud computing, experience working with IaaS/PaaS solution providers is highly desirable
- Good understanding of the OSI/TCP-IP model and controls required for each layer Strong understanding of identity and access management systems and controls