CrawlJobs Logo

Vendor Security Program Manager

United States, San Francisco 165600.00 - 335000.00 USD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

As a Program Manager within the Vendor Security team, you will play a crucial role in protecting our organization against external risks posed by suppliers, vendors, partners, and hardware manufacturers. Your responsibilities will include conducting comprehensive security assessments, building a program to manage global supply chain and vendor risks, and driving security initiatives across all of our third-party relationships. You will be analytical, detail-oriented, and proactive, capable of translating complex security evaluations into clear, actionable strategies. The role is expected to operate with a strong point of view on risk. You will be responsible not only for identifying and documenting vendor and supply-chain risk, but for helping the company make informed trade-offs between speed, scale, and security. This role requires exceptional organizational skills, the ability to effectively communicate across different business functions, and a strong commitment to operational excellence in a dynamic environment.

Job Responsibility

  • Be the interface for Security to the rest of the organization for vendors
  • Own vendor security risk decisions and escalation paths, including clearly documenting risk acceptance, mitigation plans, and executive-level trade-offs when security requirements cannot be fully met
  • Conduct deep, evidence-based security assessments of third parties, including review of architectures, configurations, controls, logs, and operational practices - moving beyond questionnaires and attestations to validate real-world security posture of vendors
  • Assess and manage security risk across a diverse vendor landscape, including SaaS providers, cloud and infrastructure partners, hardware manufacturers, chip suppliers, and other strategic or high-impact suppliers
  • Develop, build, and continuously improve the vendor security program and security supply chain risk management function at OpenAI
  • Develop, propose, and implement effective controls to mitigate identified vendor risks
  • Build and maintain collaborative partnerships with key internal stakeholders including Infrastructure Security, Product, Engineering, Legal, Procurement, and Threat Intelligence to ensure comprehensive security coverage of the vendor and third-party supply chain
  • Streamline and automate vendor and supply chain security processes to increase efficiency and reduce manual overhead

Requirements

  • Proven experience conducting third-party or supply chain security assessments, including building and scaling a vendor management security program
  • An in-depth understanding of information security principles and controls, including data protection, access management, proactive and reactive security measures, and application security
  • Comfort operating in ambiguity, with the ability to form defensible security opinions even when information is incomplete, timelines are compressed, or business pressure is high
  • Strong technical and analytical skills, with a demonstrated ability to identify and assess risks from external incidents and industry breaches
  • Familiarity with workflow optimization tools such as Zip and OneTrust
  • A passion for integrating new AI technologies into your solutions
  • Exceptional verbal and written communication skills with the capability to clearly articulate complex security concepts to diverse audiences
  • A proactive mindset and desire to own and drive security initiatives within a fast-paced environment
  • Knowledge of key security frameworks and standards such as ISO-27001, NIST 800-53, SOC 2, and understanding of key regulatory requirements such as the Trade Agreement Act (TAA)

What we offer

  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Relocation support for eligible employees
  • Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided
  • Offers Equity
  • Performance-related bonus(es) for eligible employees

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Vendor Security Program Manager

8 matching positions

Senior Technology Vendor Program Manager

This role supports services provided to the federal government or federal govern...
Location
Location
United States of America , Virtual
Salary
Salary:
132000.00 - 146000.00 USD / Year
alight.com Logo
Alight Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in technology program management, vendor management, or portfolio governance
  • Experience working with technology vendors (SaaS, cloud, infrastructure, or platforms)
  • Strong understanding of vendor performance metrics (SLAs, KPIs)
  • Comfort building and improving processes in evolving environments
  • US Citizenship
Job Responsibility
Job Responsibility
  • Maintain a clear view of vendor and application strategy, ownership, and lifecycle
  • Support planning across key stages: sustain, enhance, modernize, and retire
  • Facilitate regular portfolio reviews to track progress, surface risks, and drive decisions
  • Build and maintain vendor scorecards (SLAs, performance, usage, satisfaction)
  • Track issues, manage escalations, and ensure follow-through to resolution
  • Help ensure vendors deliver on commitments and business expectations
  • Lead regular license and usage reviews (e.g., purchased vs. used vs. needed)
  • Partner with teams to reclaim unused licenses and reduce waste
  • Provide clear insights to support planning and renewal readiness
  • Partner with Security, Risk, and Legal teams to track vendor risk and compliance requirements
What we offer
What we offer
  • health, dental and vision coverages starting Day One
  • wellbeing programs
  • retirement plans with contribution matching
  • generous time off
  • parental leave
  • continuing education
  • career growth opportunities
  • competitive total rewards package
  • continuing education & training
  • bonus and/or incentive eligibility
  • Fulltime
Read More
Arrow Right

Cyber Security Program Manager

We are looking for a skilled Cyber Security Program Manager to lead and oversee ...
Location
Location
United States , Shelton
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5 years of experience in project management with a focus on cyber security
  • Strong expertise in project planning, milestone tracking, risk management, and status reporting
  • Proven ability to lead teams and resolve project-related issues effectively
  • Capacity to manage multiple projects simultaneously in a dynamic environment
  • Exceptional written and verbal communication skills to engage with diverse audiences
  • Proficiency in Microsoft Project or similar project management software
  • Familiarity with cyber security tools and technologies such as SailPoint, Okta, and Delinea
  • Experience in enterprise-level data classification and identity management projects
Job Responsibility
Job Responsibility
  • Supervise and manage multiple cyber security projects, ensuring timely delivery and adherence to quality standards
  • Develop and present approved project charters to align stakeholders on goals and expectations
  • Coordinate with cross-functional teams to gather requirements, design solutions, test implementations, and deploy projects effectively
  • Maintain accurate records of deliverables, approvals, and project documentation
  • Serve as the central communication point between vendors, internal stakeholders, and executive leadership
  • Conduct regular status updates and track project progress against established metrics
  • Identify and address project risks, dependencies, and issues to ensure seamless execution
  • Monitor project budgets, comparing planned versus actual expenditures
  • Ensure alignment with cyber security products and methodologies, including tools such as SailPoint, Okta, and Delinea
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
  • Fulltime
Read More
Arrow Right

Technical Physical Security Program Manager

We’re looking for a Technical Security Program Manager to own and scale the phys...
Location
Location
United States , San Francisco
Salary
Salary:
140000.00 - 190000.00 USD / Year
whatnot.com Logo
Whatnot
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in technical or physical security program management, or closely related security operations roles
  • Proven experience deploying and managing enterprise-grade physical security systems across multiple-sites
  • Strong understanding of access control architecture, camera systems, and visitor management technologies
  • Demonstrated success managing vendors, installations, and system integrations in fast-paced environments
  • Technical fluency with APIs and SaaS integrations, including the ability to partner closely with IT and engineering to design and validate integrations
  • Excellent cross-functional communication and program management skills—comfortable translating between technical, operational, and business stakeholders
  • A hands-on, no-task-too-small mindset and willingness to jump in where needed (e.g., printing badges, troubleshooting hardware, validating camera coverage on-site, other Corporate Security responsibilities as needed) to ensure program success
Job Responsibility
Job Responsibility
  • Strengthen the integrity, consistency, and compliance of Whatnot’s global physical security program—including access control, video surveillance, intrusion detection, and related systems—through standardized configurations, clear governance, and audit-ready controls
  • Own physical security infrastructure and vendors end-to-end, including vendor selection and onboarding, OKRs, budgets, schedules, installations, preventive maintenance, and ongoing system health across offices
  • Deliver reliable, scalable access control and identity workflows by administering Verkada access control, defining and enforcing role-based access standards, managing the employee badge lifecycle, and ensuring seamless integrations with employee identity systems
  • Lead the global rollout and adoption of security technology programs such as visitor management, travel security, and risk platforms by driving cross-functional delivery, partner readiness, and operational scalability
  • Oversee cameras and surveillance systems globally by defining and maintaining standards for placement, coverage, storage, retention, and compliance, and ensuring consistent deployment and maintenance
  • Drive security system integrations and special projects by partnering with IT, CISO, Finance Systems, and People Systems to improve resilience, monitoring, automation, and reporting across the physical security ecosystem
What we offer
What we offer
  • Generous Holiday and Time off Policy
  • Health Insurance options including Medical, Dental, Vision
  • Work From Home Support
  • Home office setup allowance
  • Monthly allowance for cell phone and internet
  • Care benefits
  • Monthly allowance for wellness
  • Annual allowance towards Childcare
  • Lifetime benefit for family planning, such as adoption or fertility expenses
  • Retirement
  • Fulltime
Read More
Arrow Right

Technical Program Manager, Security & Trust

At Harvey, we’re transforming how legal and professional services operate — not ...
Location
Location
United States , San Francisco
Salary
Salary:
144500.00 - 195500.00 USD / Year
harvey.ai Logo
Harvey
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years experience in Information Security
  • 3+ years experience in roles requiring a high degree of project management
  • A strong foundation across a broad range of security, risk, and governance topics
  • Excellent organizational skills, including project management and process design with a drive for simplification
  • Excellent written communication skills
  • Ability to communicate complex technical and regulatory topics to diverse audiences
  • Ability to manage external contractors, vendors, and consultants
  • Customer-centric mindset
  • Strong attention to detail while keeping focused on the big picture
Job Responsibility
Job Responsibility
  • Respond to customer security questions at scale by using AI
  • Meet with customers to address security-related questions and concerns
  • Manage ISO and SOC 2 Type 2 and other emerging compliance programs
  • Maintain and update corporate information security policies
  • Maintain and improve our internal documentation
  • Maintain and improve security documentation and resources we share with customers and partners
  • Identify opportunities to streamline Trust workflows through tooling and automation
What we offer
What we offer
  • Offers Equity
  • Offers Bonus
  • Comprehensive health, dental and vision coverage
  • retirement benefits (401k match up to 4%)
  • flexible PTO
  • Fulltime
Read More
Arrow Right

Senior Security Program Manager

We’re hiring a senior Sr Security Program Manager to contribute to and mature an...
Location
Location
United States , Buffalo
Salary
Salary:
155000.00 - 195000.00 USD / Year
acvauctions.com Logo
ACV Auctions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years experience building and operating security programs in SaaS / marketplace / fintech / large data platforms
  • Demonstrable ownership across AppSec, SecOps, and Corporate Security domains
  • Experience optimizing and helping vulnerability management and incident response programs mature with measurable SLAs (MTTR, remediation windows)
  • Track record of influencing engineering/product leadership and delivering security as a business enabler (not a blocker)
  • Strong program management skills: roadmap creation, cross-functional timelines, budget stewardship, vendor selection and contract negotiation
  • Excellent written + verbal communication
  • experience preparing executive risk briefings and board-level security summaries
  • Bachelor’s degree in CS, Engineering, Information Security, or commensurate experience (5+ years) working in a similar role
Job Responsibility
Job Responsibility
  • Work with stakeholders to create a unified security program roadmap covering Product Security, SecOps, and Enterprise Security
  • Translate risk appetite into prioritized initiatives, funding opportunities, and measurable outcomes
  • Define and publish security KPIs/OKRs as dashboards to various internal audiences
  • Use data to support visibility and continuous improvement
  • Work with security teammates to collectively drive programs partnering with Product, Engineering, and DevOps to embed AppSec into the SSDLC
  • Partner with Operational leads to drive maturity through the creation of requirement frameworks including documented procedures, incident response playbooks, and runbooks
  • Collaborate with Legal, Privacy, and GRC teams to ensure enterprise controls align with SOC 2 and other industry standard framework requirements
  • Partner directly with the CISO to ensure top initiatives are well-planned, resourced, and delivered
  • Identify gaps, improve processes, and support the development of scalable frameworks
  • Drive cybersecurity initiatives from planning through delivery
What we offer
What we offer
  • Multiple medical plans including a high deductible, low cost health plan
  • Company-sponsored (paid) Short-Term Disability, Long-Term Disability, and Life Insurance
  • Comprehensive optional benefits such as Dental, Vision, Supplemental Life/AD&D, Legal/ID Protection, and Accident and Critical Illness Insurance
  • Generous paid time off options, including uncapped vacation days, the greater of 3 paid sick days or in accordance with the applicable state or local paid sick leave law, 6 paid company holidays, 2 floating holidays, parental leave, bereavement leave, jury duty leave, voting leave, and other forms of paid leave as required by applicable law or regulation
  • Employee Stock Purchase Program with additional opportunities to earn stock in the Company
  • Retirement planning through the Company’s 401(k)
  • Fulltime
Read More
Arrow Right

Senior CAPPS Security & Technical Program Manager (PeopleSoft/ERP)

We are seeking an experienced Senior CAPPS Security & Technical Program Manager ...
Location
Location
United States , Austin
Salary
Salary:
Not provided
dutechsystems.com Logo
Dutech Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience supporting Texas state government agencies or public sector organizations
  • 10+ years of experience supporting CPA and CAPPS application systems
  • 10+ years of experience managing strategic technology initiatives and technical roadmaps
  • 10+ years of technical project management experience
  • 10+ years of experience with PeopleSoft FSCM or HCM 9.2 and related technologies
  • Strong experience with PeopleTools, PeopleCode, Application Designer, SQL, PS Query, SQR, Application Engine, and Oracle databases
  • Extensive knowledge of SDLC methodologies, data integration, and data quality management
  • Experience implementing and supporting IT security controls and governance processes
  • Experience with executive communications and stakeholder presentations
  • Experience interpreting contracts and managing vendor performance
Job Responsibility
Job Responsibility
  • Lead technical and security activities supporting CAPPS and CPA application systems
  • Develop and maintain strategic technology and security roadmaps aligned with organizational objectives
  • Manage technical project activities supporting CAPPS initiatives and enterprise application environments
  • Oversee Managed Service Providers and vendors, ensuring compliance with contractual obligations and service level agreements
  • Support CAPPS Central production and deployment activities serving multiple agencies and hub instances
  • Administer and support PeopleSoft FSCM/HCM 9.2 environments, including security, configuration, and technical troubleshooting
  • Ensure compliance with IT security standards, policies, controls, and risk management practices
  • Manage user access governance, Segregation of Duties (SoD), and role-based security frameworks within multi-tenant environments
  • Collaborate with business and technical teams to improve data integration, data quality, and system performance
  • Support IT service management processes utilizing ITIL methodologies and service desk best practices
Read More
Arrow Right

Program Manager Global Security

In this vital role you will provide enterprise leadership and project management...
Location
Location
United States , Chicago
Salary
Salary:
102577.15 - 138780.85 USD / Year
amgen.com Logo
Amgen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate degree
  • OR Master's degree and 2 years of experience in program coordination, project management, or operations within corporate security, intelligence, emergency management, or a comparable environment
  • OR Bachelor's degree and 4 years of experience in program coordination, project management, or operations within corporate security, intelligence, emergency management, or a comparable environment
  • OR Associate's degree and 8 years of experience in program coordination, project management, or operations within corporate security, intelligence, emergency management, or a comparable environment
  • OR High school diploma / GED and 10 years of experience in program coordination, project management, or operations within corporate security, intelligence, emergency management, or a comparable environment
Job Responsibility
Job Responsibility
  • Lead and deliver Global Security and GSOC-related projects, managing timelines, risks, and reporting
  • Drive process improvements and oversee lifecycle management of security systems, ensuring performance, compliance, and data integrity
  • Coordinate with vendors and internal teams to align technology solutions with operational needs
  • Build strong cross-functional partnerships and provide executive-level updates and reporting
  • Identify trends, optimize workflows, track KPIs, and support strategic initiatives and special projects across Global Security
What we offer
What we offer
  • Comprehensive employee benefits package, including a Retirement and Savings Plan with generous company contributions, group medical, dental and vision coverage, life and disability insurance, and flexible spending accounts
  • Discretionary annual bonus program
  • Stock-based long-term incentives
  • Award-winning time-off plans
  • Flexible work models where possible
  • Fulltime
Read More
Arrow Right

Program Manager, Industrial Security

OpenAI is seeking an Industrial Security Program Manager in DC to help develop a...
Location
Location
United States , Washington, DC
Salary
Salary:
194400.00 - 279000.00 USD / Year
openai.com Logo
OpenAI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in industrial security, with significant experience in industrial security operations for multi-site programs with a large Fortune 500 Tech Firm
  • An active TS/SCI security clearance (Full Scope Polygraph strongly preferred)
  • Expert knowledge of US Government security standards
  • Experience participating in the building and accrediting multiple accredited facilities from the ground up
  • Experience as a Program Manager with classified or Industrial Security
  • A solid understanding of developing program management plans, presentations for executives, delivering training, monitoring and tracking projects
  • Exceptional communication skills and executive presence, with experience briefing leadership and government officials
Job Responsibility
Job Responsibility
  • Create and track program management plans, budgets, schedules, presentations, deliver training, and ensure audits are passed meeting the highest standards
  • Partner closely with GRC, facilities, and others to ensure compliance with NISPOM, ICD 705, DoD/IC regulations, and other federal requirements to enable rapid execution on OpenAI for Government’s programs
  • Support multi-year security roadmaps to support OpenAI Public Sector projects, accredited facilities, and sensitive R&D initiatives, balancing the agile nature of our business with the timelines and requirements associated with US Government contracts
  • Support multi-site industrial security programs, including San Francisco, Washington DC, and other location as the business expands. This may include supporting foreign government security requirements as needed
  • Develop plans, roadmaps, track accreditation, and operational management of multiple accredited facilities and controlled areas as needed to support our partnerships with the US Government
  • Participate in construction and accreditation efforts in partnership with government agencies, design engineers, vendors and contractors
  • Ensure facilities meet and exceed required standards, with ongoing accreditation audits and readiness checks
  • Act as surge support for Industrial Security when operational demands are high
  • Ensure frameworks are met for NISPOM, ICDs, SAPs, OPSEC, Insider Threat and continuous evaluation programs
  • Develop and mature processes and programs such as, onboarding to the company and contracts, security indoctrinations, required reporting and approvals, security awareness, and similar security processes so the business can scale
What we offer
What we offer
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Fulltime
Read More
Arrow Right