Technical Program Manager, Security
Everlaw is looking for a Technical Program Manager, Security. Reporting to the Director, Security Engineering, you will be a leading member of the technical security team at the company, working to define and implement Everlaw's ongoing security strategy. Security is one of the main strategic pillars at Everlaw, and we are looking for someone to help us execute on that strategy and protect our most valuable asset--our customer data. From leading the operational roadmap activities to driving process improvements, the work you do will be centered around promoting a culture of security awareness throughout Everlaw.
Everlaw's customers entrust us with some of their most sensitive information, and it takes dedication and care to protect it. Some of the world's most high-profile cases are managed using the Everlaw Platform. We set a high bar to do what's right by our users. Tackling litigation with technology presents deep challenges. Data is spread across distributed systems, stored in varied databases, housed at different physical locations. Keeping our users' data safe requires a passion for learning new technologies because we have to be good custodians no matter whether data flows through a Web application, gets stored in a data warehouse, or is used to train the latest machine learning algorithms. We are dedicated to continuously learning and improving our processes to achieve our mission.
Security Engineering supports teams across Everlaw in creating and operating a secure platform that meets the security and compliance requirements of our customers and company. We collaborate, build, and use technology to make it easy to do the right thing. We seek to understand people's needs and strive to protect confidentiality, integrity, and availability of information.
At Everlaw, our mission is to promote justice by illuminating truth. Our company culture is open and vibrant and we’re committed to the professional growth of our team members, offering an annual learning and development stipend and regular check-ins with managers regarding career goals. If you’re looking for a place that values passion, integrity, thinking big, and a desire to learn, we’d love to hear from you! Think you’re missing some of the skills and are hesitant to apply? We do not believe in the ‘perfect’ candidate and encourage you to apply if you feel you can bring value to our team.
This is a full-time, exempt position located onsite in Oakland, California.
- We want you to feel like part of the team early on! Our onboarding process will integrate you into the company with informative sessions on our product, policies, processes, and team structure and goals.
- We’re excited for you to learn, grow, and contribute right away! We trust that you’ll bring experience and knowledge that will uplift and uplevel the team, but we don’t expect you to know everything on Day 1.
In your role, you'll...
- Lead execution of the strategy of our security program; contribute to development, implementation, and maintenance of the security program; and ensure alignment with industry standards and best practices.
- Support the management team in setting, tracking, and achieving OKRs/KPIs.
- Prepare and present regular security reports to senior management and stakeholders.
- Collaborate with Engineering, Engineering Operations, IT, and GRC teams to help meet our operational security commitments and ensure a cohesive and effective security strategy.
- Oversee the vulnerability management program, including process, risk evaluation criteria, and risk management.
- Support the Everlaw Compliance roadmap by partnering with the Governance, Risk, and Compliance team as the main interface to the Engineering department.
- Evolve the Secure Software Development Lifecycle (SSDLC) and nurture security champions within the product development teams.
- Ensure recovery and improvement after incident response. Conduct post-mortem analysis, reporting, and tracking of deliverables to completion.
- Support Vendor Security and Customer Trust initiatives.
- You have a Bachelor's degree (preferably in Computer Science or Information Security), or at least 2 years of relevant professional experience.
- You hold a PMP or SAFe certification.
- You have proven experience as a Project Manager in a SaaS company or complex technical environment.
- You demonstrate strong understanding of security principles, standards, and frameworks (e.g., ISO 27001, NIST CSF, CIS).
- You have experience with security tools and technologies, such as firewalls, vulnerability scanners, intrusion detection systems, and SIEM solutions.
- You have excellent project management skills.
- You demonstrate strong communication and interpersonal skills, and use them to collaborate effectively with cross-functional teams.
- You can explain technical concepts without jargon, and keep security relatable. A big part of the job is helping others across the company solve security problems.
- You are willing to find creative ways to improve security without blocking others. Security is important, but it's just as important for people to be able to do their work, and we need to find the right balance and make security easy for people.
- You keep up with emerging security threats and trends.
- You are able to work independently in a one-of-a-kind role within our Engineering department.
- Master's degree in a relevant field.
- Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification.
- Proven experience as a Technical Program Manager or Security Manager in a complex technical environment.
- The expected salary range for this role is between $140,000.00 and $175,000.00. The final offered salary will be dependent upon many factors including the candidate’s experience and skills. The base pay range is subject to change in the future.
- Equity program
- 401(k) retirement plan with company matching
- Health, dental, and vision
- Flexible Spending Accounts for health and dependent care expenses
- Paid parental leave and approximately 10 days (80 hours) per year of sick leave
- Seventeen paid vacation days plus 11 federal holidays
- Membership to Modern Health to help employees prioritize mental health and wellness
- Annual allocation for Learning & Development opportunities and applicable professional membership dues
- Company-sponsored life and disability insurance
- Find out more about our Benefits and Perks
- Work in Uptown Oakland, just steps from the BART line and dozens of restaurants and walking distance to Lake Merritt
- Flexible work-from-home days on Tuesdays and Fridays
- Monthly home internet reimbursement
- Select your preference of hardware (Mac or PC) and customize your desk setup
- Enjoy a wide variety of snacks and beverages in the office
- Bond over company-wide out-of-the-box events and fun activities with your team
- Time off for company-sponsored volunteer events and 4 paid hours per quarter to volunteer at a charitable organization of your choice
- Take advantage of learning and career development opportunities
- Ranked #9 on Glassdoor's Best Places to Work 2023 for US small and medium companies
- One of Wealthfront’s 2021 Career Launching Companies, and ranked #2 on the “2022 Bay Area Best Places to Work” list by the San Francisco Business Times and the Silicon Valley Business Journal
- One of Fast Company’s World's Most Innovative Companies for 2022 and proud contributor of free ediscovery resources to benefit the greater good through “Everlaw for Good”