Senior Technical Program Manager, Information Security Engineering

At Netflix we do one thing - entertainment - and we aim to do it really well. To accomplish this goal, we must produce, distribute, and stream content at a massive scale. We have a strong engineering organization that enables us to achieve these business objectives and a unique and creative culture that guides us to operate with “Freedom and Responsibility”. This helps keep engineering velocity high, but also means that our security team needs to operate differently than a traditional security team. Employees have tremendous freedom in their work, along with the corresponding responsibility to do the right thing for Netflix. Instead of controlling engineers with process and security gates, we enable them to build secure code and provide them with adequate security context to make the right decisions for Netflix.
The TeamThe Information Security Engineering Program Management team is a force multiplier for the Infosec organization; we partner closely with engineering teams across Netflix to deliver impactful and scalable security initiatives. The team is also a key driver for the success of Infosec’s partnership program which aims at enabling our customers and stakeholders to meet their goals in a secure way. We collaborate with leaders inside and outside the Infosec organization to align on strategic goals and vision to further the security roadmaps for our partnering teams in a business driven way. We then work with the right stakeholders to establish and drive initiatives that move the needle on this. 
The OpportunityYou will drive large, at-scale security initiatives across multiple stakeholders ranging from central engineering, studio leadership and teams, product managers, engineering managers, and developers. It is a great opportunity to help mature the security posture in the most rapidly growing parts of our business and gain intimate knowledge of Netflix’s security products and services. 
We are hiring for technical program manager roles in three domains. For each of these roles, we are leaning into the “T” (Technical) for this role. By technical, we mean that the ideal candidate has a strong understanding of each of these domains and ability to gain a technical understanding of programs across their lifecycle. Each domain will require the TPMs to have both strategy and execution skills. This job posting is inclusive of a variety of positions within the Information Security Engineering Program Management team. Based on your background, expertise and interests, we will route you to the appropriate position supporting one of these domains:
Identity and Access - The role is to drive the Identity and Access strategic programs that require engineering alignment across the company. Onboard, one of the first initiatives you will be responsible for is the execution of our new authentication strategy for Netflix’s workforce and partner ecosystem. This program focuses on consolidating our identity providers and paving the way for  the next generation adaptive authentication and authorization. 
Vulnerability Management - The role is to evolve and drive the vision of Vulnerability Management at Netflix. You’ll be responsible for crafting and executing the overall program including quarterly roadmaps and working with numerous stakeholders, from across infosec and engineering, on how to reduce the risk from vulnerabilities across the Netflix ecosystem. You’ll explore and solve vulnerability management challenges in a dynamic engineering environment that will expose you to the entire breadth of Netflix assets and technologies.
Studio Security - The role is to support the Studio Information Security team that is primarily focused on providing a balanced approach to securing our environment as Netflix builds and supports a world class studio. You will be responsible to manage and execute key initiatives in Studio Information Security and drive methodical delivery for the team. The Technical Program Manager will manage cross functional initiatives across multiple stakeholders ranging from Studio leadership and teams, product managers, and engineering managers.

Desired Background

• You are passionate about leading by influence. This role requires advocating for change with a variety of teams in Netflix’s unique culture. 
• You have a demonstrated ability to establish a vision and to execute on it.
• You have excellent written and verbal communication skills, including clear articulation of business impact and technical constraints tailored to the audience.
• You are able to triage multiple initiatives to make a judgment to tackle the right problems at the right time.
• You have an ability to identify gaps in solutions, debate technical approaches and weigh-in on product vs technology tradeoffs.
• You have developed and driven security initiatives such as building platform wide authentication systems, authorization at scale, vulnerability management, etc. 
• You have an understanding of technical foundations in identity and access management, cloud infrastructure security, third party risk or security in general. 

Finally, here’s a few more reasons why we love this work, and think that you will too:

• You will have the opportunity to facilitate impactful security work for the Netflix engineering ecosystem.
• You will be working with an industry leading security team with many opportunities to improve existing projects and identify new ones.
• You will have the opportunity to research new ideas and share them across the community.
• You enjoy learning and working closely with domain experts in diverse areas such as microservices architecture, data science and engineering, content delivery networks, and a production studio.

We are looking for thoughtful security professionals who enable our mission and support our culture of freedom and responsibility. You can learn more about life at Netflix by watching our security talks or exploring our open source work.