Technical Program Manager, IT Security

  • San Francisco, CA, USA
  • Full-time
  • Department: Engineering

Company Description

Optimizely is the world's leader in customer experience optimization, allowing businesses to dramatically drive up the value of their digital products, commerce and campaigns through its best in class experimentation software platform. By replacing digital guesswork with evidence-based results, Optimizely enables product and marketing professionals to accelerate innovation, lower the risk of new features, and drive up the return on investment from digital by up to 10X. Over 26 of the Fortune 100 companies choose Optimizely to power their global digital experiences. Optimizely’s impressive customer list includes eBay, FOX, IBM, The New York Times and many more global enterprises.

Job Description

Technical Program Manager, IT Security

Security is in the foundation of over 3000 customers’ trust in Optimizely. In this role, you will drive our Information Security program that facilitates security being baked into all of the business processes and IT infrastructure at Optimizely. The responsibilities are a blend of IT security analysis and project management. If you’re a security engineer or program manager looking to get into a leadership position, this is a great opportunity for you to have impact across an entire company and build a world-class information security program.

About You

  • Support the development of a compelling security vision and strategy for the company

  • Create company wide security policy, standards, procedures and guidelines

  • Participate in a cross-departmental security committee to systematically identify and address top risks to Optimizely

  • Partner with department leaders to measure and grow security maturity across the organization

  • Review and respond to new security threats

  • Maintains the security incident response program and lead security incident response activities

  • Review existing IT security architecture, identify design gaps, and recommend security enhancements

  • Provides analysis and input into security investment decisions, strategies and security budget

  • Initiates, facilitates, and promotes activities to create information security awareness throughout the organization

  • Serve as an escalation point for reviewing customers’ security questionnaires and contract security provisions

  • Manage the design and operationalization of processes or security technology controls required by SOC 2, PCI, ISO 27001, and other applicable regulatory or compliance frameworks

  • Support Business Continuity, Vendor Management and Change Management Programs

  • Manage the design and operationalization of key security processes including

    • Threat and Vulnerability management

    • Identity and Access Management

  • Lead the design, management, and processes, and operationalization of threat and vulnerability management (e.g., network security scanning, vulnerability scanners, threat intel feeds)

  • Lead the design, management, and processes, and operationalization of Security Information and Event Management (SIEM)


Desired Qualifications

  • 7+ years experience in IT Security

  • 3+ years experience in project management

  • CISSP, CISA, CISM or similar industry certification

  • Knowledge of information security frameworks, such as ISO 27001 or NIST

  • Experience working with cloud services

Additional Information

At Optimizely, we embody inclusion and embrace diversity. Optimizely is an equal opportunity employer and makes employment decisions on the basis of merit. Optimizely prohibits discrimination based on race, color, religion, sex, sexual identity, gender identity, marital status, veteran status, nationality, citizenship, age, disability, medical condition, pregnancy, or any other unlawful consideration.  All your information will be kept confidential according to EEO guidelines.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Videos To Watch

Privacy Policy