Technical Program Manager, Security

Asana San Francisco , CA 94118

Posted 4 weeks ago

We're looking to hire a Technical Program Manager to drive the Security program at Asana. You will partner with Product, Engineering, Sales, and Legal teams to build a program and drive execution of critical security initiatives that ensure we correctly and consistently identify risks in new products, and maintain compliance with relevant regulatory requirements.

The Security team ensures that Asana's users and employees are safe from malicious activity and accidental disclosure. We build the systems and tools that enable the rest of Asana to develop secure software easily. We're focused on secure-by-default frameworks, least privilege access, detection and alerting, and eliminating bug classes.

The Security team builds the systems and tools that enable the rest of Asana to develop secure software easily. We're focused on secure-by-default frameworks, least privilege access, detection and alerting, and eliminating bug classes.

What you'll achieve

  • Develop a Security program that identifies and minimizes risk while ensuring we meet our compliance and legal objectives

  • Build relationships with internal and external stakeholders to make sure the Security program is on the right track

  • Document our Security controls, risky systems, and process gaps

  • Prioritize and plan the Security team's high level work along with which compliance standards we need to address next

  • Work with auditors to document compliance gaps and work with leadership to convert them into actionable programs.

  • Develop and tune productionization plans with minimal to no disruption to services

  • Reject false trade-offs and bring visibility to meaningful trade-offs to stakeholders.

About you

  • 4+ years of experience in a compliance or technical program management

  • Bachelor degree in Computer Science, Information Systems, or similar field or 3+ years of experience in lieu of the degree

  • Experience with information security required

  • Ability to translate regulatory, compliance, or customer requirements into concise and practical engineering requirements and prioritize compliance standards for maximum business impact and minimum disruption

  • Experience working with a broad set of internal stakeholders across various departments.

  • Experienced in planning, project definition, schedule, resources, technical decisions and trade-offs, as well as tracking, executing, and releasing projects to production


  • Experience in Enterprise SaaS

  • Experience in coding & being able to help engineers in fixing small problems in code

  • AWS experience

  • Experience with at least one of: SOC 2, ISO 27001, HIPAA, FERPA, PrivacyShield, SOX 404, or CSA STAR

About us

Asana is a leading work management platform, helping more than 70,000 organizations and millions of users across 195 countries organize and manage all of their work, including AB-InBev, Airbnb, AllBirds, KLM Air France, Kohl's, NASA, Panera, Sephora, Uber, Viessmann Group and Vox Media. Asana has been named a Top 5 Best Place to Work by FORTUNE three years in a row, and one of Glassdoor's and Inc.'s Best Places to Work. Headquartered in San Francisco with offices in New York, Dublin, Sydney, Vancouver, and Reykjavk, Asana is always looking for curious, collaborative people to be a part of our inclusive culture and help us achieve our mission.

Our goal is to ensure that Asana upholds an inclusive environment where all people feel that they are equally respected and valued, whether they are applying for an open position or working at the company. We welcome applicants of all educational backgrounds, gender identities and expressions, sexual orientations, religions, ethnicities, ages, citizenships, socioeconomic statuses, disabilities, and veteran statuses, and we'd love to learn about what you can add to our team.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Technical Program Manager Security

Sift Science

Posted 7 months ago

VIEW JOBS 5/8/2019 12:00:00 AM 2019-08-06T00:00 About the team: Our team is responsible for building, scaling, and managing the distributed systems that ingest, process, store, and make accessible trillions upon trillions of events about users, transactions, and other entity data we receive from our customers. We care about things like uptime, high availability, and low latency. Load balancing, auto-scaling, and automation are in our DNA and are what makes it easy for us to keep up with the growth of our business and the growth of our customers. What we're looking for: As the first Technical Program Manager of Security in engineering, you will be responsible for ensuring that Sift Science's Trust Platform is deserving of and exceeding that trust from a technical perspective by continually improving Sift Science's security posture. What you'll do: * Partner with members across Sift organization and define our security strategy and roadmap * Actively engage with the sales team, customers, and the community to understand the security scenarios and features that are relevant & critical to Sift Science and represent Sift Science * Develop business cases for project prioritization & investment based on risk profile of our customer's data while balancing business needs vs. technical constraints * Drive security related engineering work across multiple engineering teams * Engage with external partners & auditors to drive various compliance and auditing needs to successful completion * Mentor engineers on relevant aspects of security * Understand the implementation details in depth to prioritize & execute effectively on security initiatives * Get your hands dirty and be able to directly implement security measures as necessary What would make you a strong fit: * 5+ years of experience in technical program or product management * 5+ years of experience in driving security initiatives * Experience driving compliance programs (SOC2, PCI, etc), leading technical risk assessment and developing security engineering best practices * Experience with threat modeling and incident response * Experience with big data that contains PII * Strong technical understanding of security: network, OS, software, cryptographic systems, key-management systems, hosted cloud environments (AWS), etc. * Strong analytical and quantitative skills, with the ability to use data & metrics to backup recommendations. * Strong communication skills, for both technical and non-technical audience * BS in Computer Science or related field A little about us: Sift is the leading innovator in Digital Trust & Safety. Hundreds of disruptive, forward-thinking companies like Airbnb, Patreon, Zoosk, and ChowNow trust Sift to deliver outstanding customer experience while preventing fraud and abuse. The Sift engine powers Digital Trust & Safety by helping companies stop fraud before it happens. But it's not just another anti-fraud platform: Sift enables businesses to tailor experiences to each customer according to the risk they pose. That means fraudsters experience friction, but honest users do not. By drawing on insights from our global network of customers, Sift allows businesses to scale, win, and thrive in the digital era. Benefits and Perks: * Competitive total compensation package * 401k plan * Medical, dental and vision coverage * Wellness reimbursement * Education reimbursement * Flexible time off * Catered meals Sift is an equal opportunity employer. Our core value of "Be Tough On Ideas And Excellent To Each Other" is built on a foundation of diversity and inclusion; we work together to ensure the best ideas win. We hire people with different perspectives, educational backgrounds, and life experiences, because we know this makes us stronger, healthier, and more innovative. Our commitment to belonging enables us to bring our full selves to work so we can contribute our talents in meaningful ways and "Win As One Team." Sift Science San Francisco CA

Technical Program Manager, Security