Senior Technical Program Manager, Information Security Risk

About the team

The ZG Information Security team builds cutting-edge solutions to protect our technology stack, products, and services. We are deeply embedded across the business to ensure security is built into the fabric of how we design, develop, and deliver. Our mission is to proactively identify and manage security risks while enabling the company’s innovation and growth. We work closely with Engineering, IT, Legal, Privacy, and Compliance teams to build scalable risk management programs and promote a culture of security across the organization.

About the role

This high-visibility, high-impact role drives the end-to-end strategy, execution, and continuous improvement of technical programs that form the backbone of Zillow’s security risk posture. You will influence enterprise-wide risk assessments, regulatory and compliance readiness, third-party risk management, and cross-functional security initiatives that span business and engineering domains.

As a Senior Technical Program Manager, You Will Get To

• Lead and deliver critical security risk programs from initiation through execution, defining scope, success criteria, milestones, and delivery timelines in partnership with InfoSec and cross-functional teams.

• Operationalize the risk lifecycle—including identification, assessment, remediation planning, and closure—across business units and technology environments.

• Manage the lifecycle of information security policies and standards, partnering with subject matter experts to ensure clarity, applicability, and audit readiness.

• Run scalable programs to evaluate and track third-party risks, ensuring alignment with Zillow’s security expectations.

• Build reporting dashboards and communication mechanisms to surface key risk indicators, trends, and mitigation progress to technical and executive stakeholders, supporting compliance objectives.

• Drive programmatic readiness for regulatory obligations (SOX, GLBA, SOC 2, etc.), aligning technical teams with audit and compliance objectives.

• Collaborate across Engineering, IT, Legal, and Business teams to align on risk priorities, remove blockers, and ensure program success.

• Proactively identify opportunities to improve existing programs and processes, embedding automation, risk quantification, and data-driven insights.

This role has been categorized as a Remote position. “Remote” employees do not have a permanent corporate office workplace and, instead, work from a physical location of their choice, which must be identified to the Company. U.S. employees may live in any of the 50 United States, with limited exceptions.

In California, Colorado, Connecticut, Hawaii, Maryland, Massachusetts, Nevada, New Jersey, New York, Vermont, Washington state, and Washington DC the standard base pay range for this role is $145,500.00 - $232,500.00 Annually. This base pay range is specific to California, Colorado, Connecticut, Hawaii, Maryland, Massachusetts, Nevada, New Jersey, New York, Vermont, Washington state, and Washington DC and may not be applicable to other locations.

In addition to a competitive base salary this position is also eligible for equity awards based on factors such as experience, performance and location. Actual amounts will vary depending on experience, performance and location.

Who you are

• Proven success driving complex technical programs with multiple workstreams and dependencies, ideally in cybersecurity, risk, or compliance.

• Solid understanding of security domains including vulnerability management, IAM, encryption, security tooling, and cloud security practices.

• Strong at designing and running repeatable, scalable programs with clear outcomes and stakeholder alignment.

• Familiar with NIST, ISO 27001, FAIR, or similar standards to guide prioritization and decision-making.

• Skilled at translating technical risk into business impact, and tailoring messaging for engineering teams, executives, and auditors.

• Comfortable navigating ambiguity, prioritizing competing demands, and building strong cross-functional partnerships.

• PMP, CISSP, CISM, CRISC, or equivalent experience preferred.

• Here at Zillow – we value the experience and perspective of candidates with non-traditional backgrounds. We encourage you to apply if you have transferable skills or related experiences.

Get to know us

Zillow is reimagining real estate to make home a reality for more and more people.

As the most-visited real estate website in the United States, Zillow® and its affiliates help movers find and win their home through digital solutions, first class partners, and easier buying, selling, financing and renting experiences. Millions of people visit Zillow Group sites every month to start their home search, and now they can rely on Zillow to help make it easier to move. The work we do helps people get home and no matter what job you're in, you will play a critical role in making home a reality for more and more people.

Our efforts to streamline the real estate transaction are supported by a deep-rooted culture of innovation, our passion to redefine the employee experience, a fundamental commitment to Equity and Belonging, and world-class benefits. These benefits include comprehensive medical, dental, vision, life, and disability coverages as well as parental leave, family benefits, retirement contributions, and paid time off. We’re also setting the standard for work experiences of the future, where our employees are supported in doing their best work and living a flexible, well-balanced life. But don’t just take our word for it. Read recent reviews on Glassdoor and recent recognition from multiple organizations, including: the 100 Best Companies to Work For, Glassdoor Employees’ Choice Award, Bloomberg Gender-Equality Index, Human Rights Campaign (HRC) Corporate Equity Index, and TIME 100 Most Influential Companies list.

Zillow Group is an equal opportunity employer committed to fostering an inclusive, innovative environment with the best employees. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please contact your recruiter directly.

Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable state and local law.

Applicants who receive job offers from Zillow Group will be asked to sign a Proprietary Rights Agreement which includes confidentiality, intellectual property assignment, customer and employee non-solicitation, and non-competition provisions. If you are contacted for a role at Zillow Group and wish to review a copy of the Proprietary Rights Agreement prior to receiving an offer, you may request a copy from your Recruiter.