Keyrock is hiring a Senior Security Program Manager to drive the execution of our highest-priority security initiatives across a fast-moving, always-on trading environment. You will build structure, visibility, and predictable delivery across security programs, partnering with Engineering, Infrastructure/Cloud, Trading/Quant Engineering, IT, Risk/Compliance, and leadership to reduce risk while enabling business velocity.
What You'll Do
- Own a portfolio of security programs, including planning, resourcing, milestones, dependencies, risk/issue management, and outcomes.
- Create and maintain multi-quarter roadmaps aligned to Keyrock’s business and operating model across venues and services.
- Establish governance and operating cadence: steering meetings, status reporting, program reviews, and executive updates.
- Support the CISO in delivering firmwide initiatives.
- Partner with Security and Engineering teams to drive key initiatives such as access governance, secrets management, vulnerability remediation, security logging/monitoring improvements, endpoint/security baseline, and secure SDLC enablement.
- Help mature control coverage and evidence for internal/external assurance needs.
- Partner with the Director of GRC to support GRC and audit initiatives.
- Partner with Security Operations to improve incident preparedness through playbooks, tabletop exercises, lessons learned, and operational runbooks.
- Act as the “glue” across technical and business stakeholders—clarifying ownership, unblocking delivery, and keeping programs moving with crisp communication.
- Build lightweight, scalable processes that improve security consistency without slowing teams.
What We're Looking For
- 7+ years in security program management, technical program management, or security operations program delivery.
- Demonstrated experience running cross-functional programs across engineering and operations, including scope, schedule, risks, and dependencies.
- Strong technical fluency in cloud/infrastructure, identity/access, vulnerability management, security monitoring, and incident processes.
- Excellent written and verbal communication with the ability to translate complex risk into clear priorities.
Nice to Have
- Experience in fintech, trading, payments, or digital assets, especially environments requiring high uptime and rapid execution.
- Familiarity with security frameworks like NIST CSF or ISO 27001 and audit/assurance concepts.
- Experience supporting security programs that intersect with financial integrity domains.
- Relevant certifications such as CISM, CISSP, CISA, CRISC, or PMP, or equivalent demonstrated expertise.
Work Mode
This is a global position.
Keyrock is an equal opportunity employer.
