Note: The job is a remote job and is open to candidates in USA. Vertex Inc. is seeking a Security Program Manager to enhance the Office of the CISO. This role involves connecting security initiatives and metrics across the organization, managing the full lifecycle of security programs, and leveraging AI tools to improve operational efficiency.
Responsibilities
- Own the operating cadence of the CISO function — weekly staff meetings, monthly program reviews, and quarterly business reviews
- Produce the recurring decision-grade CISO report (executive summary, OKR scorecard, KPI scorecard, portfolio milestones, decisions required)
- Maintain a single portfolio view across all security programs — intake, approved, executing, complete — with clear stage gates, owners, and forecasts
- Drive meeting preparation, documentation, stakeholder communication, and follow-through so leadership can focus on judgment calls, not coordination
- Run the quarterly OKR lifecycle across all four security teams — define, align, health check, and score. Ensure every Key Result has a baseline, target, owner, measurement method, and confidence level
- Maintain a KPI dictionary with definitions, formulas, systems of record, thresholds, and cadence — covering posture KPIs, program delivery KPIs, and team execution KPIs
- Ensure 100% of project work is mapped to an OKR or documented as run the business
- Lead monthly trend analysis and tie outcomes back to security and business objectives
- Own end-to-end delivery of security programs — risk management, vulnerability management, security awareness, product onboarding into security, M&A security execution, incident readiness, and compliance initiatives
- Act as the primary liaison between Security and Engineering, IT, Product, Legal, Privacy, Finance, People, Sales, and Customer Success
- Manage cross-team dependencies, and decision logs as drivers of action
- Enforce escalation SLAs and stage gates with a small, senior, expert team
- Build recurring deliverables for executive leadership, audit committee, and board updates — executive summaries, slide content, speaker notes, and Q&A prep
- Translate technical security and AI governance topics for non-technical executive audiences with clarity and brevity
- Produce decision-grade options memos with root cause, tradeoffs, recommendation, owner, and deadline
- Use AI tooling (e.g., Microsoft 365 Copilot, Claude, ServiceNow AI) deliberately and daily — for status synthesis, dashboard refresh, meeting recaps, draft communications, evidence collection, and audit response prep
- Identify and execute automation opportunities across security operations, GRC, and compliance workflows
Skills
- 7+ years of progressive program or portfolio management experience, with 4+ years dedicated to information security, GRC, or product security programs in a SaaS or cloud environment
- Proven track record running OKR/KPI operating systems for security or technology leaders, including executive-ready reporting
- Direct experience coordinating across GRC, Product/Application Security, Security Operations/Incident Response, and emerging AI security and governance functions
- Demonstrated ability to operate as connective tissue across Engineering, Legal, Product, IT, Finance, and Sales — leading through influence rather than authority
- Mastery of program management tooling — Jira, Confluence, ServiceNow, Smartsheet, PowerPoint, Excel/Power BI
- Strong executive written and verbal communication; ability to produce concise, structured, dashboard-style one-pagers and decision memos
- Comfortable enforcing operating discipline (cadences, stage gates, escalation SLAs) in a small, senior, expert team
- Bias for action, ownership, and outcome — not activity
- Hands-on, deliberate daily use of AI tooling in your own workflows (drafting, synthesis, dashboards, evidence preparation, meeting recaps)
- Understanding of AI security concerns: model risk, data leakage, prompt injection, third-party AI vendor risk, Shadow AI, AI guardrails, and Responsible AI principles
- PMP, PgMP, or equivalent program management certification
- CISSP, CISM, CRISC, or CISA (one strongly preferred)
- AI Governance certification (e.g., IAPP AIGP, ISO 42001 Lead Implementer)
Benefits
- This role may be eligible for the Vertex Bonus Plan (VOB)
- A role-specific sales commission/bonus
- Equity grants
Company Overview
Company H1B Sponsorship