Fivetran
Technical Program Manager - Security
Fivetran, Denver, Colorado, United States, 80285
From Fivetran's founding until now, our mission has remained the same: to make access to data as simple and reliable as electricity. With Fivetran, customer data arrives in their warehouses, canonical and ready to query, with no engineering or maintenance required. We're proud that more organizations continue to leverage our technology every day to become truly data-driven.
About the Role
Fivetran is building data pipelines to power the modern data stack for thousands of companies.
We're looking for a high-performance, experienced hands-on technical program manager (TPM) in the security domain to be part of an Engineering team. In this role, you will be responsible for leading and managing security-related initiatives across the organization. It involves collaborating with cross-functional teams to ensure the successful planning, execution, and delivery of security programs. The TPM will act as a bridge between technical teams and business stakeholders, ensuring alignment with organizational goals while mitigating security risks.
The work is very diverse. Fivetran is a multi-cloud environment operating on AWS, GCP, and Azure. You will help select security tools, implement improvements within our environments, and assist in developing new processes to increase our security posture.
This is a full-time, hybrid position based out of our Denver, CO office in the US.
Technologies You'll Use
Bash, Python, JS, BigQuery, Looker, Sigma, Azure, AWS, GCP, Terraform, Docker, Kubernetes, Github, Buildkite, SonarQube, Grafana, Prisma, Synk, Signal Sciences
What You'll Do
This is the primary person in engineering who's responsible for the execution of the security vulnerability management program for engineering, including infrastructure, code, and dependency vulnerabilities for our code. Collaborate with Security and Engineering teams to ensure vulnerabilities are identified, prioritized, and patched. Provide technical oversight and accountability, ensuring effective delivery of security fixes. Enhance processes by evaluating tools, recommending improvements, and driving automation for faster resolution. Analyze and streamline security issues using tools like Prisma and Snyk through filtering, deduplication, and automation. Establish and lead a code scanning program in collaboration with infrastructure, engineering, and security teams to ensure seamless integration and sustainable security practices. Dedicate up to 20% of the time to assessing business systems to identify vulnerabilities and compliance gaps proactively. Develop a scanning and detection plan, establishing policies and standards for internal data access tools to improve overall system security. Advocate for tools and solutions that support shift-left strategies, driving early integration of security and testing in the development lifecycle. Skills We're Looking For
Over 5 years of experience in technical program management with a strong focus on security engineering, vulnerability management, cloud security, and application security. Proficient in applying program management methodologies, tools, and best practices to deliver complex security initiatives. Exceptional skills in prioritization, organization, and multi-tasking to manage multiple programs effectively. Proven ability to work collaboratively with cross-functional teams including product teams, SRE/QE engineers, and developers to embed a security-first mindset into workflows and practices. Deep understanding of key security domains, including application/infrastructure security, data privacy, threat modeling, vulnerability management, and secure software development lifecycle (SDLC). Strong grasp of security concepts and principles such as network security, encryption, authentication, and authorization. Hands-on experience with SAST/DAST tools, agent-based firewalls, IDS/IPS technologies, and automation tools for security orchestration. Experience with scripting languages for automating security processes. Proficient in researching and validating vulnerabilities while proposing effective remediation or mitigation strategies. Strong familiarity with OWASP principles and best practices for securing web applications, including the OWASP Top 10 vulnerabilities and Application Security Verification Standard (ASVS) Up-to-date knowledge of market trends, emerging technologies, and best practices in cloud security Strong analytical, problem-solving, and communication skills to address security challenges, coupled with the ability to influence and collaborate effectively with engineering teams in enhancing security measures and mitigating vulnerabilities in a dynamic, fast-paced environment. #LI-MD1 #LI-HYBRID
The pay range displayed on this job posting reflects the minimum and maximum target for new hire salaries for the target position and level. Our pay ranges are determined by role, level, and location. Our job titles may span more than one career level. Within the range, individual pay is determined by additional factors, including job-related skills, experience, relevant education or training, business need, market demands. The pay range is subject to change and may be modified in the future. Your recruiter can share more about the specific pay range for your location during the hiring process.
This range represents base salary only and does not include incentive for sales roles, equity, or benefits, if applicable.
Pay Range
$137,172-$171,466 USD
Perks and Benefits
100% employer-paid medical insurance * Generous paid time-off policy (PTO), plus paid sick time, inclusive parental leave policy, holidays, and volunteer days off RSU stock grants* Professional development and training opportunities Company virtual happy hours, free food, and fun team-building activities Monthly cell phone stipend Access to an innovative mental health support platform that offers personalized care and resources in areas such as: therapy, coaching, and self-guided mindfulness exercises for all covered employees and their covered dependents.
* May vary by country and worker type - please reach out to your recruiter for more information
Click here to learn more about Fivetran's Benefits by Region.
We're honored to be valued at over $5.6 billion, but more importantly, we're proud of our core values of Get Stuck In, Do the Right Thing, and One Team, One Dream. Read about us in Forbes.
Fivetran brings together high-quality talent across the globe to make data access as easy and reliable as electricity for our customers. We value and recognize that our customers benefit from having innovative teams made of people from many backgrounds, experiences, and identities. Fivetran promotes diversity, equity, inclusion & belonging through attracting, recruiting, developing, and retaining a diverse workforce, not only because it is the right thing to do, but because it helps us build a world-class company to better serve our customers, our people and our communities.
To learn more about Fivetran's culture and what it's like to be part of the team, click here and enjoy our video.
To learn more about our candidate privacy policy, you can read our statement here.
We are committed to ensuring that all candidates have an equal opportunity to participate in our interview process. If you require accommodations at any stage of the process due to a disability, medical condition, or any other circumstance, please don't hesitate to submit your request by filling out this form. We will work with you to provide reasonable accommodations to facilitate your participation and ensure a fair and accessible interview experience. Your request and any information provided will be kept confidential and will not impact your candidacy. We look forward to hearing from you and accommodating your needs to the best of our ability.
About the Role
Fivetran is building data pipelines to power the modern data stack for thousands of companies.
We're looking for a high-performance, experienced hands-on technical program manager (TPM) in the security domain to be part of an Engineering team. In this role, you will be responsible for leading and managing security-related initiatives across the organization. It involves collaborating with cross-functional teams to ensure the successful planning, execution, and delivery of security programs. The TPM will act as a bridge between technical teams and business stakeholders, ensuring alignment with organizational goals while mitigating security risks.
The work is very diverse. Fivetran is a multi-cloud environment operating on AWS, GCP, and Azure. You will help select security tools, implement improvements within our environments, and assist in developing new processes to increase our security posture.
This is a full-time, hybrid position based out of our Denver, CO office in the US.
Technologies You'll Use
Bash, Python, JS, BigQuery, Looker, Sigma, Azure, AWS, GCP, Terraform, Docker, Kubernetes, Github, Buildkite, SonarQube, Grafana, Prisma, Synk, Signal Sciences
What You'll Do
This is the primary person in engineering who's responsible for the execution of the security vulnerability management program for engineering, including infrastructure, code, and dependency vulnerabilities for our code. Collaborate with Security and Engineering teams to ensure vulnerabilities are identified, prioritized, and patched. Provide technical oversight and accountability, ensuring effective delivery of security fixes. Enhance processes by evaluating tools, recommending improvements, and driving automation for faster resolution. Analyze and streamline security issues using tools like Prisma and Snyk through filtering, deduplication, and automation. Establish and lead a code scanning program in collaboration with infrastructure, engineering, and security teams to ensure seamless integration and sustainable security practices. Dedicate up to 20% of the time to assessing business systems to identify vulnerabilities and compliance gaps proactively. Develop a scanning and detection plan, establishing policies and standards for internal data access tools to improve overall system security. Advocate for tools and solutions that support shift-left strategies, driving early integration of security and testing in the development lifecycle. Skills We're Looking For
Over 5 years of experience in technical program management with a strong focus on security engineering, vulnerability management, cloud security, and application security. Proficient in applying program management methodologies, tools, and best practices to deliver complex security initiatives. Exceptional skills in prioritization, organization, and multi-tasking to manage multiple programs effectively. Proven ability to work collaboratively with cross-functional teams including product teams, SRE/QE engineers, and developers to embed a security-first mindset into workflows and practices. Deep understanding of key security domains, including application/infrastructure security, data privacy, threat modeling, vulnerability management, and secure software development lifecycle (SDLC). Strong grasp of security concepts and principles such as network security, encryption, authentication, and authorization. Hands-on experience with SAST/DAST tools, agent-based firewalls, IDS/IPS technologies, and automation tools for security orchestration. Experience with scripting languages for automating security processes. Proficient in researching and validating vulnerabilities while proposing effective remediation or mitigation strategies. Strong familiarity with OWASP principles and best practices for securing web applications, including the OWASP Top 10 vulnerabilities and Application Security Verification Standard (ASVS) Up-to-date knowledge of market trends, emerging technologies, and best practices in cloud security Strong analytical, problem-solving, and communication skills to address security challenges, coupled with the ability to influence and collaborate effectively with engineering teams in enhancing security measures and mitigating vulnerabilities in a dynamic, fast-paced environment. #LI-MD1 #LI-HYBRID
The pay range displayed on this job posting reflects the minimum and maximum target for new hire salaries for the target position and level. Our pay ranges are determined by role, level, and location. Our job titles may span more than one career level. Within the range, individual pay is determined by additional factors, including job-related skills, experience, relevant education or training, business need, market demands. The pay range is subject to change and may be modified in the future. Your recruiter can share more about the specific pay range for your location during the hiring process.
This range represents base salary only and does not include incentive for sales roles, equity, or benefits, if applicable.
Pay Range
$137,172-$171,466 USD
Perks and Benefits
100% employer-paid medical insurance * Generous paid time-off policy (PTO), plus paid sick time, inclusive parental leave policy, holidays, and volunteer days off RSU stock grants* Professional development and training opportunities Company virtual happy hours, free food, and fun team-building activities Monthly cell phone stipend Access to an innovative mental health support platform that offers personalized care and resources in areas such as: therapy, coaching, and self-guided mindfulness exercises for all covered employees and their covered dependents.
* May vary by country and worker type - please reach out to your recruiter for more information
Click here to learn more about Fivetran's Benefits by Region.
We're honored to be valued at over $5.6 billion, but more importantly, we're proud of our core values of Get Stuck In, Do the Right Thing, and One Team, One Dream. Read about us in Forbes.
Fivetran brings together high-quality talent across the globe to make data access as easy and reliable as electricity for our customers. We value and recognize that our customers benefit from having innovative teams made of people from many backgrounds, experiences, and identities. Fivetran promotes diversity, equity, inclusion & belonging through attracting, recruiting, developing, and retaining a diverse workforce, not only because it is the right thing to do, but because it helps us build a world-class company to better serve our customers, our people and our communities.
To learn more about Fivetran's culture and what it's like to be part of the team, click here and enjoy our video.
To learn more about our candidate privacy policy, you can read our statement here.
We are committed to ensuring that all candidates have an equal opportunity to participate in our interview process. If you require accommodations at any stage of the process due to a disability, medical condition, or any other circumstance, please don't hesitate to submit your request by filling out this form. We will work with you to provide reasonable accommodations to facilitate your participation and ensure a fair and accessible interview experience. Your request and any information provided will be kept confidential and will not impact your candidacy. We look forward to hearing from you and accommodating your needs to the best of our ability.