Job Description
We are seeking a seasoned Senior Program Manager to lead complex, enterprise-level cybersecurity initiatives focused on Application Security, Open-Source Software governance, Software Supply Chain Security, DevSecOps, and CI/CD security controls. This role will partner across Product, Architecture, Engineering, Application Security, Infrastructure, and Operations teams to drive scalable governance, risk reduction, audit readiness, and adoption of policy-driven security controls across the enterprise. The ideal candidate is a true program-level leader with experience operating above individual project execution. This person should be comfortable managing multiple workstreams, aggregating risks and dependencies, communicating with senior leadership, and enabling engineering teams to adopt new security workflows and controls.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Over 5 years of experience as a Senior Program Manager or Technical Program Manager leading enterprise-scale programs.
Strong experience leading programs in one or more of the following areas:
Application Security
DevSecOps
Open-Source Software governance
Software supply chain security
Secure SDLC transformation
Vulnerability management
CI/CD security controls
Strong understanding of OSS ecosystems, dependency governance, SCA governance, and software supply chain risk.
Experience working with engineering, product, architecture, security, and infrastructure teams.
Experience managing program-level governance, executive reporting, risks, issues, dependencies, and roadmap tracking.
Ability to influence without direct authority across highly matrixed technical environments.
Experience translating technical security initiatives into business outcomes.
Experience driving adoption of new security controls, developer workflow changes, or enterprise technology transformation.
Strong communication skills with the ability to present to senior leadership and technical stakeholders.
Nice to Have Skills & Experience
Familiarity with tools or platforms such as:
Black Duck
Nexus
Artifactory
ProGet
SBOM platforms
SCA tools
Similar AppSec or software supply chain technologies
Experience integrating or supporting security controls within CI/CD pipelines.
Experience with policy enforcement, production controls, dependency management, or secure developer workflows.
Experience in financial services or another regulated industry.
Vendor-side experience in AppSec, SCA, DevSecOps, or software supply chain security may also be relevant.
Experience supporting AI-related cybersecurity, AI model risk, or emerging technology security programs is a plus.
Experience driving large-scale Organizational Change Management, training, communication, and adoption across engineering teams.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.