Technical Program Manager, Vulnerability Management

About AssuranceAssurance IQ is a technology company headquartered in Seattle. We were acquired by Prudential (NYSE: PRU) to further the joint mission of improving financial wellness across the world.
Our team of world class software engineers, data scientists, and business professionals work every day to expand our product offerings and the reach of our platform. We simplify the complex world of insurance and financial services into straightforward, valuable solutions to improve people's lives. We start by asking customers a few questions, so our system can learn about their needs; from there, our ground-breaking, proprietary platform takes over and analyzes the thousands of data points that make customers unique. This is how we create custom-tailored plans for each customer; plans built precisely for their needs and budget. Our platform serves as the intersection between customer and seller, technology, and the human touch.
At Assurance, we are innovative, persevering, collaborative, calculated, and authentic, and we're working together to improve the lives of millions!
The Assurance Information Security team is responsible for the security of all Assurance systems and data. The Assurance Information Security team works with application teams to design and build secure systems at-scale, coordinate cross-department security projects, and solve security challenges for the enterprise.
The Assurance Information Security team is looking for a Technical Program Manager to help develop and scale security operations in partnership with application teams. This candidate will be responsible for addressing technical security issues, as well as responding to emerging threats.
Candidates should be a self-starter who thrives in a collaborative environment and who is able to work through ambiguity to incrementally deliver value. Candidates should have strong problem-solving skills, strong communication skills, and a strong, technical understanding of application security, cloud security threats, and mitigations/controls in cloud environments.

Responsibilities:

• Conduct risk and vulnerability assessments, analyze findings and assess risk to the organization
• Execute continuous monitoring
• Document and report findings to a wide-range of technical and non-technical stakeholders
• Drive remediation activities through completion with partner teams
• Advise partner teams on secure designs of systems, applications, and networks
• Maintain an understanding of threat actors, TTPs, and ongoing threat intelligence
• Ensure compliance with industry best practices and regulatory requirements
• Work with partner teams to improve enterprise security posture and tooling

Minimum qualifications:

• Bachelor’s Degree in Computer Science or related field, or equivalent experience
• 3+ years experience in an information security role. Start-up or small enterprise experience preferred.
• 3+ years of application security experience
• Experience communicating technical concepts to a non-technical audience
• Experience working with one or more risk/security framework such as NIST, PCI, SOC, HIPAA FedRAMP.

Preferred qualifications:

• Scripting skills (Python, Java, Ruby, etc.)
• Experience designing, building, or testing web applications and other API-based applications
• Understanding of security vulnerabilities and vulnerability management
• Understanding of security best practices in one or more areas: cryptography, network security, security operations, incident response, secure development lifecycle.

Choose Assurance Because:· Exceptional base salary plus bonus structure· Comprehensive benefits which include, medical, dental, vision, 401K and more· Unlimited paid vacation, sick leave, plus paid holidays.· Growth opportunities, advance your career rapidly, we offer leadership development training and promote from within.· Ongoing coaching and career development including individual and group coaching sessions.· Fast paced, high performance environment.