Technical Program Manager - Vulnerability Management

Massachusetts - Boston

Veeva Systems

Veeva Systems Inc. is a leader in cloud-based software for the global life sciences industry. Committed to innovation, product excellence, and customer success, Veeva has more than 1,100 customers, ranging from the world's largest...

View company page

Veeva [NYSE: VEEV] is the leader in cloud-based software for the global life sciences industry. Committed to innovation, product excellence, and customer success, our customers range from the world’s largest pharmaceutical companies to emerging biotechs. Veeva’s software helps our customers bring medicines and therapies to patients faster.
We are the first public company to become a Public Benefit Corporation. As a PBC, we are committed to making the industries we serve more productive, and we are committed to creating high-quality employment opportunities.
Veeva is a Work Anywhere company which means that you can choose to work in the environment that works best for you - on any given day. Whether you choose to work remotely from home or work in an office - it’s up to you.
The Role
This role calls for an experienced Technical Program Manager to oversee the initiatives and deployment of projects related to vulnerability management. It will include scheduling work, project status reports and metrics, and sustained communications between security and product teams. This position requires a technical background to understand obstacles and develop innovative solutions. Success will be needed through coordination between security, IT, product teams, and engineering.

What You'll Do

  • Develop meaningful and actionable performance and risk metrics of a variety of teams based on vulnerability attributes
  • Lead and coordinate vulnerability management projects and initiatives to include deadlines, setting responsibilities, monitoring and summarizing progress, and providing updates
  • Track milestones and sustain focus on prioritized project requirements
  • Gather feedback from product teams to develop customized requirements and develop a plan to meet those prioritized requirements
  • Streamline the vulnerability management reporting process for more accurate reporting, tracking, and developing innovative methods to resolve vulnerabilities
  • Build and maintain relationships with security, product teams, and other departments involved
  • Serve as an advisor and consultant role to product teams on prioritizing vulnerabilities and developing plans to resolve them in a timely manner while maintaining compliance
  • Prepare reports for product teams, IT, security, and C-level leadership on risk and performance concerns as they relate to mitigating and eliminating vulnerabilities
  • Develop and test unique team-specific requirements for managing the vulnerability lifecycle
  • Maintain excellent awareness of the status of all on-prem and cloud devices’ reporting capabilities to the overarching tool suite
  • Collaborate with various product teams to identify gaps and pitfalls in managing vulnerabilities, and plan, test, and evaluate new processes to address those gaps and pitfalls
  • Maintain, author, and document policy for the continuity of the program
  • Develop requirements with vendors in an effort to integrate and optimize the vulnerability management tool suite to match product team requirements

Requirements

  • Strong experience in the SDLC process, methodologies, and technologies
  • Strong communication skills with executive-level leadership
  • Strong understanding of risk management frameworks
  • Strong understanding of various methods to mitigate vulnerabilities
  • Strong experience in coordinating with various teams’ solutions to manage and prioritize vulnerability remediation
  • 4+ years of experience in Vulnerability Management reporting, tracking, metrics, and scanning and assessing results leading to prioritized actions
  • 4+ years of experience in technical program management in any cybersecurity or IT-related field
  • Strong foundation in project management concepts in meeting deadlines, tracking milestones, and coordinating with external entities
  • PMP, CAPM, or equivalent project management certification
  • Complex problem-solving skills with the ability to work with minimal supervision
  • Legally eligible to work in the United States

Nice to Have

  • Strong familiarity with Atlassian Jira and Confluence
  • Demonstrated experience in delivering reports and metrics at various levels of an organization, from tactical to operational to strategic
  • Good understanding of attack surface management principles
  • Strong knowledge of governing regulations such as HIPAA, GDPR, ISO 27001, and SOC 2 compliance standards
  • Good understanding of cloud security principles
  • Scrum or Agile certification or training
  • Good familiarity with cloud architectural devices such as dockers, containers, EC2, etc.

Perks & Benefits

  • 100% remote, with an expectation to travel 2 weeks per year, all costs covered by the company
  • Healthy, free, provided lunches and snacks at each US office
  • Allocations for continuous learning and development
  • Allocations for donations to non-profits of your choice
  • Onsite gym with free fitness classes offered daily
#LI-RemoteUS#BI-Remote
Veeva’s headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.
Veeva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristics protected by local laws, regulations, or ordinances. If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us at talent_accommodations@veeva.com.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile C Cloud Compliance EC2 GDPR HIPAA ISO 27001 Jira Monitoring Risk management Scrum SDLC SOC SOC 2 Vulnerabilities Vulnerability management

Perks/benefits: Career development Lunch / meals

Regions: Remote/Anywhere North America
Country: United States
Job stats:  12  1  0
Category: Leadership Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.