BeyondTrust is a place where you can bring your purpose to life through the work that you do, creating a safer world through our cybersecurity SaaS portfolio.
Our culture of flexibility, trust, and continual learning means you will be recognized for your growth, and for the impact you make on our success. You will be surrounded by people who challenge, support, and inspire you to be the best version of yourself.
The Role
We're hiring a Technical Program Manager to own the operational backbone of Product Security: the processes, tracking, metrics, and cross-org coordination that keep vulnerability remediation moving from finding to fix at scale.
You'll report to the VP of Product Security and own the remediation lifecycle end to end: making sure validated findings get prioritized, tracked, driven to closure, and reported accurately. You're the person who knows where every critical finding is, what's blocking it, and who needs to do what by when.
This role sits at the center of the Product Security organization. You'll work daily with Security Architects, the Product Security Engineering Manager, and Product Security Engineers internally, and with Engineering, Product Management, Customer Support, Customer Trust, and Cyber Defense externally. When a pen test report lands, a bug bounty submission comes in, or a security exception is requested, you own the process that drives it to resolution.
Our Product Security organization operates AI-first. The remediation processes and workflows you own will be built on Claude and LLM-driven automation. You'll drive AI-first approaches to triage routing, status tracking, metrics generation, stakeholder reporting, and exception management
What You’ll Do
- Vulnerability Remediation Program Own the end-to-end remediation process from validated finding through fix verification. Define and enforce SLAs by severity, track progress across engineering teams, escalate aging findings, and drive blockers to resolution. When something stalls, you find out why and fix the process or escalate.
- Pen Test & Bug Bounty Coordination Organize third-party penetration tests: scoping, scheduling, vendor coordination, finding intake, and tracking through remediation. Own the operational side of the bug bounty program, ensuring researcher submissions are acknowledged, triaged, validated, and resolved within committed timelines.
- Security Kanban & Tracking Build and maintain security kanban boards that give the entire organization visibility into vulnerability status: internal findings, pen test results, bug bounty submissions, and security exceptions. These boards are the single source of truth. Engineering knows what's on their plate, security leadership knows the posture, and Customer Trust has what they need for customer conversations.
- AI-First Process Automation Use Claude and LLM platforms to automate finding intake and routing, generate status reports, f