Aledade - Senior Technical Program Manager, Security
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• 10+ years in technical program management at Staff-level scope — cross-org, ambiguous, high-stakes security programs • Deep security domain fluency: frameworks, controls, HIPAA and financial-specific obligations, risk management — and how all of it maps to real engineering decisions • Technical judgment strong enough to question the status quo, challenge architectural decisions, and identify real risk versus inherited noise • Proven track record of transforming security programs — advancing maturity, closing gaps, and positioning programs for where the business is going • Influence without authority across senior security, engineering, compliance, and executive stakeholders • Outcomes orientation: risk reduction and program maturity • Preferred KSA’s • Experience in healthcare or other highly regulated environments where security failure has consequences beyond the company • Track record of building security governance and operating models from the ground up • Familiarity with AI and ML risk frameworks and emerging AI governance practice • Operated at a company in significant growth — where the security foundation had to be built while the business was already running on it • Can move between a threat model conversation with a security engineer and a risk framing conversation with a CFO without losing accuracy in either direction • Sitting for prolonged periods of time. Extensive use of computers and keyboard. Occasional walking and lifting may be required.
Responsibilities
• Diagnose, prioritize, and drive security program maturity • Assess the current state with clear eyes: identify what’s working, what’s underdeveloped, and what needs to be rebuilt • Build a prioritized, multi-quarter roadmap that sequences risk reduction against business reality — without waiting to be handed a problem statement • Establish governance, ownership, and metrics that make the portfolio legible and actionable across security leadership, engineering leadership, and executives • Hold the line on outcomes — not activity or artifacts. • Translate security requirements into engineering practice • Make security by design the operating standard: shift-left practices, threat modeling, architecture review, and controls embedded into how teams plan and ship • Own the intersection of what security requires and what engineering can build — and move both sides toward it, fluently • Remove the blockers that sit between security intent and engineering execution • Build the habits and structures that outlast any individual program or initiative • Own the compliance surface without losing sight of real risk • Translate HIPAA, financial controls, and governance requirements into resilient programs that reduce actual exposure and scale — not just satisfy milestone audits • Sequence compliance investments against where the company is going, not just where it’s been • Build the evidence frameworks, metrics, and operational readiness that hold up under real scrutiny at scale • Shape the AI security framework before it becomes a crisis • Synthesize Aledade posture about AI risk, guardrails, and governance as AI becomes embedded in how we work and what we build • Build the scaffolding — principles, review processes, accountability structures — that gives others a framework to execute against • Operate with conviction in a space where the industry is still writing the rules • Drive alignment across a complex, high-stakes intersection • Operate at the seam between security, engineering, compliance, legal, and finance — without owning any of the headcount • Eliminate toil that crushes effectiveness of the subject matter experts around you by clearing the path, not walking it for them • Surface what’s being normalized that shouldn’t be — the risks deferred, the gaps unnamed, the programs that exist only on paper • Drive evidence-based decisions that stick — from architecture, through build, to the risk level with executives • Full-stack program leadership: equally at home in an architecture review, a compliance audit, a risk conversation with the CTO, and a sprint planning session with an engineering team
No credit card. Takes 10 seconds.