Vertex logo

Security Program Manager

Vertex

Remote USA Full-time $114,500 - $148,800 USD per year

Job Description:

We're hiring a Security Program Manager to serve as the operating backbone of the Office of the CISO. This is a senior individual contributor role for someone who thrives on connecting people, programs, and priorities across a complex enterprise and who uses AI tooling deliberately to multiply their impact. You'll partner directly with the CISO across all pillars of our security organization to drive security initiatives, OKRs, KPIs, and metrics into a single, coherent operating system. This is not a traditional project manager role. You'll own the full lifecycle of security programs—from intake and prioritization through execution and long-term operational health—and you'll succeed through influence, structure, and clarity rather than direct authority. You'll have a direct line to the CISO and immediate visibility across the enterprise. You'll shape how security operates, how it reports, and how it scales, including how the company governs AI as adoption accelerates. If you want to do the highest-leverage program management work of your career in security, this is it.

Job Description

Run the Security Operating System

  • Own the operating cadence of the CISO function — weekly staff meetings, monthly program reviews, and quarterly business reviews.

  • Produce the recurring decision-grade CISO report (executive summary, OKR scorecard, KPI scorecard, portfolio milestones, decisions required).

  • Maintain a single portfolio view across all security programs — intake, approved, executing, complete — with clear stage gates, owners, and forecasts.

  • Drive meeting preparation, documentation, stakeholder communication, and follow-through so leadership can focus on judgment calls, not coordination.

Own the OKR, KPI, and Metrics System

  • Run the quarterly OKR lifecycle across all four security teams — define, align, health check, and score. Ensure every Key Result has a baseline, target, owner, measurement method, and confidence level.

  • Maintain a KPI dictionary with definitions, formulas, systems of record, thresholds, and cadence — covering posture KPIs, program delivery KPIs, and team execution KPIs.

  • Ensure 100% of project work is mapped to an OKR or documented as run the business.

  • Lead monthly trend analysis and tie outcomes back to security and business objectives.

Drive Cross-Functional Program Delivery

  • Own end-to-end delivery of security programs — risk management, vulnerability management, security awareness, product onboarding into security, M&A security execution, incident readiness, and compliance initiatives.

  • Act as the primary liaison between Security and Engineering, IT, Product, Legal, Privacy, Finance, People, Sales, and Customer Success.

  • Manage cross-team dependencies, and decision logs as drivers of action.

  • Enforce escalation SLAs and stage gates with a small, senior, expert team.

Build Executive & Board Communications

  • Build recurring deliverables for executive leadership, audit committee, and board updates — executive summaries, slide content, speaker notes, and Q&A prep.

  • Translate technical security and AI governance topics for non-technical executive audiences with clarity and brevity.

  • Produce decision-grade options memos with root cause, tradeoffs, recommendation, owner, and deadline.

Multiply Output Through Deliberate AI Use

  • Use AI tooling (e.g., Microsoft 365 Copilot, Claude, ServiceNow AI) deliberately and daily — for status synthesis, dashboard refresh, meeting recaps, draft communications, evidence collection, and audit response prep.

  • Identify and execute automation opportunities across security operations, GRC, and compliance workflows.

Required Experience

  • 7+ years of progressive program or portfolio management experience, with 4+ years dedicated to information security, GRC, or product security programs in a SaaS or cloud environment.

  • Proven track record running OKR/KPI operating systems for security or technology leaders, including executive-ready reporting.

  • Direct experience coordinating across GRC, Product/Application Security, Security Operations/Incident Response, and emerging AI security and governance functions.

  • Demonstrated ability to operate as connective tissue across Engineering, Legal, Product, IT, Finance, and Sales — leading through influence rather than authority.

  • Mastery of program management tooling — Jira, Confluence, ServiceNow, Smartsheet, PowerPoint, Excel/Power BI.

  • Strong executive written and verbal communication; ability to produce concise, structured, dashboard-style one-pagers and decision memos.

  • Comfortable enforcing operating discipline (cadences, stage gates, escalation SLAs) in a small, senior, expert team.

  • Bias for action, ownership, and outcome — not activity.

AI Literacy

- Hands-on, deliberate daily use of AI tooling in your own workflows (drafting, synthesis, dashboards, evidence preparation, meeting recaps).

- Understanding of AI security concerns: model risk, data leakage, prompt injection, third-party AI vendor risk, Shadow AI, AI guardrails, and Responsible AI principles.

Preferred Certifications

  • PMP, PgMP, or equivalent program management certification.

  • CISSP, CISM, CRISC, or CISA (one strongly preferred).

  • AI Governance certification (e.g., IAPP AIGP, ISO 42001 Lead Implementer).

Other Qualifications
The Winning Way behaviors that all Vertex employees need in order to meet the expectations of each other, our customers, and our partners.

Communicate with Clarity - Be clear, concise and actionable. Be relentlessly constructive. Seek and provide meaningful feedback.

Act with Urgency - Adopt an agile mentality - frequent iterations, improved speed, resilience. 80/20 rule – better is the enemy of done. Don’t spend hours when minutes are enough.

Work with Purpose - Exhibit a “We Can” mindset. Results outweigh effort. Everyone understands how their role contributes. Set aside personal objectives for team results.

Drive to Decision - Cut the swirl with defined deadlines and decision points. Be clear on individual accountability and decision authority. Guided by a commitment to and accountability for customer outcomes.

Own the Outcome - Defined milestones, commitments and intended results. Assess your work in context, if you’re unsure, ask. Demonstrate unwavering support for decisions.

COMMENTS:

The above statements are intended to describe the general nature and level of work being performed by individuals in this position. Other functions may be assigned, and management retains the right to add or change the duties at any time.

Pay Transparency Statement:

US Base Salary Range: $114,500.00 - $148,800.00

Base pay offered to new hires may vary based upon factors including relevant industry and job-related skills and experience, geographic location, and business needs.* The range displayed does not encompass the full potential of the role, which allows for further growth and career progression.

In addition, as a part of our total compensation package, this role may be eligible for the Vertex Bonus Plan (VOB), a role-specific sales commission/bonus, and/or equity grants.

Learn more about Life at Vertex and connect with your recruiter for more details regarding Vertex's compensation and benefit programs.

*In no case will your pay fall below applicable local minimum wage requirements.

Apply on company site

You will be redirected to the company website to complete your application.

Browse similar remote roles

Similar jobs

Please confirm

Are you sure you want to continue?