Senior Security Program Manager
Requirements
• 7+ years in security program management / technical program management / security operations program delivery.
• Demonstrated experience running cross-functional programs across engineering and operations (scope, schedule, risks, dependencies).
• Strong technical fluency in cloud/infra, identity/access, vulnerability management, security monitoring, and incident processes.
• Excellent written/verbal communication with the ability to translate complex risk into clear priorities.
• Experience in fintech, trading, payments, or digital assets, especially environments requiring high uptime and rapid execution.
• Familiarity with security frameworks (NIST CSF, ISO 27001) and audit/assurance concepts.
• Experience supporting security programs that intersect with financial integrity domains (e.g., AML/CFT awareness is a plus given Keyrock’s financial-services context).
• Relevant certifications (e.g., CISM, CISSP, CISA, CRISC, PMP) or equivalent demonstrated expertise.
Responsibilities
• Program leadership & delivery
  • Own a portfolio of security programs (planning, resourcing, milestones, dependencies, risk/issue management, and outcomes).
  • Create and maintain multi-quarter roadmaps aligned to Keyrock’s business and operating model across venues and services (CEX/DEX and liquidity services).
  • Establish governance and operating cadence: steering meetings, status reporting, program reviews, and executive updates.
  • Support the CISO in delivering firmwide initiatives.
• Security governance, risk, & control initiatives
  • Partner with Security and Engineering teams to drive key initiatives such as: access governance, secrets management, vulnerability remediation, security logging/monitoring improvements, endpoint/security baseline, and secure SDLC enablement.
  • Help mature control coverage and evidence for internal/external assurance needs (as applicable in a financial-services context).
  • Partner with the Director of GRC to support GRC and audit initiatives.
• Incident readiness & operational resilience
  • Partner with Security Operations to improve incident preparedness through playbooks, tabletop exercises, lessons learned, and operational runbooks—ensuring security response stays effective in a high-availability trading environment.
• Cross-functional influence
  • Act as the “glue” across technical and business stakeholders—clarifying ownership, unblocking delivery, and keeping programs moving with crisp communication.
  • Build lightweight, scalable processes that improve security consistency without slowing teams.
• What success looks like (first 6–12 months)
  • A clearly prioritized security program roadmap with measurable KPIs and predictable execution.
  • Improved security readiness for key business areas, aligned with Keyrock’s activities (market making, OTC, options, treasury).
  • Higher stakeholder confidence via clear reporting, risk transparency, and consistent program delivery.