Senior Technical Program Manager - Cloud Security

Who We Are

Aurora (Nasdaq: AUR) is delivering the benefits of self-driving technology safely, quickly, and broadly. Founded in 2017 by experts in the self-driving industry, Aurora is revolutionizing transportation – making it safer, increasingly accessible, and more reliable and efficient than ever before. Its flagship product, the Aurora Driver, is a platform that brings together software, hardware, and data services, to autonomously operate passenger vehicles, light commercial vehicles, and heavy-duty trucks. Aurora is partnered with industry leaders across the transportation ecosystem including Toyota, Volvo, PACCAR, Uber, Uber Freight, FedEx, and U.S. Xpress. Aurora tests its vehicles in the Bay Area, Pittsburgh, and Texas and has offices in those areas as well as in Bozeman, MT; Seattle, WA; Louisville, CO; and Detroit, MI. To learn more, visit www.aurora.tech.

Aurora Overview

Bringing self-driving vehicles to our roads is the most transformative opportunity of our generation. Aurora is taking a fresh start with the development of self-driving technology, combining excellence in AI, rigorous engineering, and a team with decades of experience building robots that work.

Led by a team of seasoned experts, our mission is to deliver the benefits of self-driving technology safely, quickly, and broadly. We are designing the software and hardware to power the transportation of our future that will make our roads safer, give more people access to mobility, and reduce congestion and pollution in cities - improving the quality of life for all. The challenge in what we are endeavoring to achieve is transcendent; we are developing perhaps the world's most complex computing system and asking it to perform the task of transporting and keeping safe our most precious asset: human life.

Aurora hires people who are excited to build the future of transportation.

** Location preferences are MTV, SF, Seattle OR Pittsburgh**

Role

This role sits within the Security Strategy and Programs team. Aurora’s Security Strategy and Programs team’s mission is to develop security strategy and drive security initiatives across all of Aurora. We are searching for a seasoned security professional with expertise in driving company wide technical programs to join us on this mission.

This role specifically is responsible for driving cloud security initiatives and programs. This role will function as the bridge between Security teams, Software teams and external partner organizations to drive implementation of cloud security controls for Aurora’s cloud infrastructure and cloud-hosted services as needed for different product release milestones.

This role moves effortlessly from high level strategy into tangible action plan adjusted for different stakeholders so that they can execute towards a complex and cross-functional goal. This role will bring in the right set of people as needed to bring specificity and clarity for timely execution of large scale cross-team initiatives. The role will thrive in a dynamic work environment, and is able to prioritize multiple parallel efforts. The role will proactively make efforts to break through communication barriers and develop strong relationships with stakeholders at all levels of the organization.

Job level is negotiable based on experience. Flexible work locations are available (MTV, SFO, PIT, SEA) for US-based employees (Full remote is not available for this role).

In this role, you will

• Establish Security Initiatives and Programs
• Function as internal product manager for cloud security capabilities. 
• Identify security gaps, design security controls and develop security programs for Aurora’s cloud infrastructure, developer infrastructure and cloud-hosted applications.
• Partner closely with Aurora’s Software teams, Product teams and external partner organizations and Supply Chain teams to develop execution plans for cloud security initiatives.
• Build a security support interface between Security and the rest of the company.
• Drive Security Program Execution and Risks Resolution
• Drive company wide planning, roadmapping, resourcing of cloud and developer security initiatives and programs.
• Interface with engineering managers and engineers to estimate work efforts, define milestones and manage resources. 
• Track progress, roadblocks and potential risks of cloud security initiatives and programs.
• Proactively ask questions to drive clarity in execution dependencies and priorities to push the team to be highly effective. 
• Identify procedural, operational, and communication gaps, manage issue escalations and provide support to teams balancing competing priorities.
• Proactively remove obstacles to drive momentum and progress. 
• Willingness and ability to dive into problems and document, drive alignment, drive plans and assist with execution.
• Manage Stakeholders and Communications
• Establish communication interfaces to keep various levels of stakeholders informed.
• Publish regular reports on programs KPIs and risks
• Engage the right stakeholders as needed to enable timely strategic and tactical decision making.

Required Qualifications

• Minimum 7+ years of experience in the capacity of a Technical Program Manager, Product Manager, Engineering Manager or Security Engineer in domains of Security, Privacy or Infrastructure.
• BS in Computer Science, Information Technology or a technical field or equivalent experience
• Hands-on experience in driving security programs such as cloud infrastructure security (AWS preferred), container security, application security, DevOps security, cloud detection & response, identity & access management or privacy engineering.
• Experience with driving implementation of standards such GDPR, ISO 27001, NIST 800-171 or NIST 800-37.
• Ability to influence and motivate people across a broad variety of job functions through your relationships.
• Experience with planning and driving organization wide multi-year engineering initiatives.
• Experience with driving and managing company wide disruptive changes.
• Excellent written and verbal communication skills.
• Experience with creating detailed reporting and dashboards
• Strong technical, analytical and quantitative skills with the ability to use data and metrics to back up assumptions, recommendations and drive decisions.

Desired Qualifications

• Professional certifications such as CISSP, CISM, CISA, CCSK, GIAC, Prosci, SAFe, CSM or PMP.
• Experience with developing threat models and using threat models to develop security controls and initiatives.
• Experience as an internal security consultant/advisor.
• Familiarity with Zero Trust Architecture principles.
• Experience with setting organization wide security programs (e.g. security detection and response, vulnerability management, threat intel) from ground-up. 
• Ability to work within organizations with minimal structure and with minimal direction.
• Experience with creating communication plans for various levels of stakeholders.
• Excellent emotional intelligence. 

The base salary range for this position is $188k-$282K per year. Aurora’s pay ranges are determined by role, level, and location. Within the range, the successful candidate’s starting base pay will be determined based on factors including job-related skills, experience, qualifications, relevant education or training, and market conditions. These ranges may be modified in the future. The successful candidate will also be eligible for an annual bonus, equity compensation, and benefits.

#LI-DW1

#Mid-Senior

Working at Aurora

At Aurora, we bring together people with extraordinary talent and experience united by the strength of our values. We operate with integrity, set outrageous goals, and continue to build a culture where we win together—all without any jerks.

We have offices in 8+ locations across the United States. We offer a competitive benefits package to qualifying employees. Our Career Page includes everything you need to know about working at Aurora.

At the core of everything we do is our commitment to safety. Building best-in-class self-driving technology will take time, and we believe that each employee at Aurora has a role in contributing to safety, every step of the way. Aurora expects commitment to our safety policies from every employee, and seeks candidates who take an active responsibility, can contribute to building an atmosphere of trust, and invest in the organization’s long-term success by prioritizing working safely, no matter what.

We believe that self-driving technology has broad benefits – including an increase in safety and access to transportation – and to achieve those benefits, we want and need a workforce with diverse experiences, insights, and perspectives; said another way, a workforce that reflects the communities and people our technology will benefit. You can find all the latest news on our Blog

Individuals seeking employment at Aurora are considered without regard to race, color, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, pregnancy status, parent or caregiver status, ancestry, political affiliation, veteran and/or military status, physical or mental disability, or any other status protected by federal or state law. 

For California applicants, information collected and processed as part of your application, and any job applications you choose to submit is subject to Aurora’s California Employment Privacy Policy.