We are looking for a seasoned Technical Project Manager (TPM) with a solid background in infrastructure security, vulnerability management, and application security in the financial services industry. In this role, you will be responsible for leading critical security initiatives, ensuring compliance with industry regulations, and driving collaboration across engineering, security, risk, and business teams. The ideal candidate will bring hands-on experience in security technologies, vulnerability assessments, and remediation strategies, all within large-scale enterprise environments.
Key Responsibilities:
Project Leadership & Execution:
- Lead and manage end-to-end security projects, specifically in vulnerability management and application security.
- Collaborate with cross-functional teams to define project scope, objectives, timelines, and key deliverables, ensuring alignment with security and business goals.
- Drive projects to completion while adhering to industry security standards and regulatory requirements.
Vulnerability & Application Security Management:
- Oversee vulnerability scanning, risk assessments, and remediation efforts, ensuring timely resolution of security issues.
- Partner with engineering teams to prioritize security vulnerabilities and drive corrective actions across both infrastructure and application layers.
- Coordinate penetration testing, secure code reviews, and threat modeling exercises to identify and mitigate potential security threats.
- Ensure patch management processes are effectively executed and aligned with security protocols.
Collaboration & Communication:
- Act as a liaison between security teams, DevOps, engineering, and business stakeholders, ensuring seamless communication and alignment on security initiatives.
- Provide regular project updates, risk assessments, and mitigation strategies to leadership and key stakeholders.
- Clearly communicate security concerns, escalating issues as necessary to maintain alignment with business priorities.
Compliance & Risk Management:
- Ensure compliance with relevant financial regulations and security frameworks, including ISO 27001, NIST, PCI-DSS, and SOC 2.
- Collaborate with audit and risk teams to track, report, and mitigate security risks across the organization.
- Drive security awareness programs and advocate for security best practices across teams.
Qualifications & Experience:
Required:
- 8+ years of technical project management experience in cybersecurity, vulnerability management, application security, or infrastructure security.
- Proven experience in managing security projects within the financial services industry (e.g., banking, fintech, insurance).
- Strong knowledge of vulnerability management tools (e.g., Qualys, Tenable, Rapid7) and application security tools (e.g., SAST/DAST, Veracode, Checkmarx, Burp Suite).
- Experience with patch management, risk assessments, and implementing security controls.
- Familiarity with cloud security (AWS, Azure, GCP) and DevSecOps practices.
- Deep understanding of compliance and security frameworks (e.g., NIST, ISO 27001, CIS Controls, OWASP, PCI-DSS).
- Proven experience working in agile environments with tools such as JIRA and Confluence.
- Strong stakeholder management and communication skills, with the ability to translate complex technical security issues into clear business impacts.
Preferred:
- Security certifications such as CISSP, CISM, CEH, PMP, or AWS Security Specialty.
- Experience with zero-trust architecture, IAM, or endpoint security solutions.
- Knowledge of AI/ML security risks and secure software development practices.