Technical Program Manager overseeing vulnerability remediation processes in Product Security at BeyondTrust. Managing cross-functional security initiatives and utilizing AI for process automation.
Responsibilities
Own the end-to-end remediation process from validated finding through fix verification. Define and enforce SLAs by severity, track progress across engineering teams, escalate aging findings, and drive blockers to resolution.
Organize third-party penetration tests: scoping, scheduling, vendor coordination, finding intake, and tracking through remediation. Own the operational side of the bug bounty program, ensuring researcher submissions are acknowledged, triaged, validated, and resolved within committed timelines.
Build and maintain security kanban boards that give the entire organization visibility into vulnerability status: internal findings, pen test results, bug bounty submissions, and security exceptions. These boards are the single source of truth. Engineering knows what's on their plate, security leadership knows the posture, and Customer Trust has what they need for customer conversations.
Use Claude and LLM platforms to automate finding intake and routing, generate status reports, flag at-risk SLAs, draft stakeholder communications, and surface patterns that indicate systemic issues. Focus your time on judgment and coordination by letting AI handle the repetitive tracking.
Own the security exception process: intake, risk documentation, approval routing, time-bound tracking, and expiration enforcement. When an engineering team requests an exception, you ensure it's documented with clear risk context, reviewed by the right people, and actively tracked to expiration.
Own Product Security metrics: mean time to remediate, SLA compliance, finding aging, exception counts, recurrence rates, coverage by product. Build reporting that serves the VP (portfolio posture), engineering leaders (their team's queue), and Customer Trust (defensible data for customer security reviews).
Coordinate with Engineering and Product Management on remediation prioritization and release planning. Work with Customer Support and Customer Trust on vulnerability status for customer inquiries and security questionnaires. Partner with Cyber Defense on findings that cross product and infrastructure boundaries. Keep Security Architects and Product Security Engineers aligned on remediation status.
Requirements
5+ years in Technical Program Management, Security Program Management, or a similar role driving cross-functional security programs
Experience owning vulnerability management processes end to end: intake, triage, tracking, SLA enforcement, exception management, and reporting
You've coordinated pen tests, bug bounty programs, or external security assessments and driven findings through remediation across multiple engineering teams
Hands-on experience using LLM platforms (Claude, OpenAI, or similar) to automate program management workflows such as reporting, triage routing, status tracking, or stakeholder communications
Strong stakeholder management across technical and non-technical audiences. You can drive an engineering team to hit an SLA, brief a VP on portfolio risk, and give Customer Trust what they need for a customer call
Experience building and maintaining tracking systems (Jira, kanban boards, dashboards) that serve as a reliable single source of truth
You understand security vulnerabilities well enough to have credible conversations about severity, risk, and remediation priority, and to evaluate whether pushback from engineering on a finding is technically sound.
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.