Security Technical Program Manager at Galileo Financial Technologies

<div class="content-intro"><p><strong><a href="https://www.sofi.com/sofi-employee-applicant-privacy-notice/" target="_blank">Employee Applicant Privacy Notice</a></strong></p> <p><strong>Who we are:</strong></p> <p><span style="font-weight: 400;">Welcoming, collaborative and having the opportunity to make an impact - is how our employees describe working here.&nbsp; Galileo is a financial technology company that provides innovative and revolutionary software products and services that power some of the world's largest Fintechs. We are the only payments innovator that applies tech and engineering capabilities to empower Fintechs and financial institutions to unleash their full creativity to achieve their most inspired goals. Galileo leads its industry with superior fraud detection, security, decision-making analytics and regulatory compliance functionality combined with customized, responsive and flexible programs to accelerate the success of all payments companies and solve tomorrow's payments challenges today. </span><span style="font-weight: 400;">We hire energetic and creative employees while providing them the opportunity to excel in their careers and make a difference for our clients. Learn more about us and why we work here at </span><strong><a href="https://www.galileo-ft.com/working-at-galileo">https://www.galileo-ft.com/working-at-galileo</a></strong><span style="font-weight: 400;">.</span></p></div><h2><span style="font-size: 12pt;"><strong>Role Overview</strong></span></h2> <p><span style="font-size: 10pt;">The&nbsp;Security Technical Program Manager (TPM) will be responsible for the definition, execution, and oversight of critical security programs focused on client assurance, operational compliance, and platform security. This role requires a strong focus on program management and cross-functional coordination to embed security and legal standardization across client projects and manage ongoing compliance activities. </span><span style="font-size: 10pt;">The ideal candidate will drive the standardization of legal verbiage and security practices across the organization's client-facing work, ensuring predictable execution, reduced risk, and consistent security standards for client codebases. This role partners closely with Security, Engineering, Legal, Compliance, and Client teams.</span></p> <h2><strong><br><span style="font-size: 12pt;">Key Responsibilities</span></strong></h2> <h3><span style="font-size: 10pt;"><strong>Portfolio &amp; Program Management</strong></span></h3> <ul> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Own the portfolio view of Tech Platforms within the broader security strategy.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Structure and manage strategic programs required to deliver roadmap objectives</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Define milestones, delivery plans, and success metrics for major initiatives.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Track progress against portfolio commitments and escalate risks proactively.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Manage cross-functional dependencies across Engineering, Product Management, Legal, and other stakeholders.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Support quarterly and annual planning cycles, including investment</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Ensure predictable execution through structured governance and reporting cadence.</span></li> </ul> <h3><span style="font-size: 10pt;"><strong>Cross-Functional Collaboration</strong></span></h3> <ul> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Collaborate with Engineering, Product Management, Legal, Risk, and Compliance stakeholders.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Facilitate stakeholder alignment, trade-off decisions (e.g., security vs. speed), and expectation management.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Influence without direct authority to drive secure design principles and manage cross-functional projects to ensure delivery.</span></li> </ul> <p><strong><span style="font-size: 10pt;">Client Project Standardization:</span></strong></p> <ul> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Lead the strategic initiative to standardize legal verbiage and security requirements across client projects.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Client Code Security: Drive implementation of consistent security standardization to secure client codes and ensure ongoing maintenance and protection of the codebase.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Own the coordination of security deployment approvals for client projects with clients, engineering and security teams</span></li> </ul> <h3><span style="font-size: 10pt;"><strong>Operational Security &amp; Compliance</strong></span></h3> <ul> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Coordinate PCI compliance efforts by creating required reports and managing activities for all PCI accounts.Manage the coordination of the yearly PCI/ISO Audit for all accounts within the Tech Platform.Conduct quarterly User Access Reviews (UAR) to certify user access for AWSGenerate and report artifacts for 1LOD, 2LOD, 3LOD for corrective action plan and risk reduction plans</span></li> </ul> <h2><span style="font-size: 12pt;"><strong>Qualifications</strong></span></h2> <ul> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Bachelor’s degree in Computer Science, Cybersecurity, or related discipline.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">5+ years of experience in technical program management, cybersecurity, or risk management</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Demonstrated experience in Product Security (AppSec), DevSecOps, or AI/ML Security domains.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Demonstrated experience building and managing strategic roadmaps tied to measurable outcomes.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Strong understanding of security compliance frameworks (e.g., PCI, ISO) and operational security domains (e.g., User Access Reviews, AWS security roles, Secure SDLC/SAST)</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Strong understanding of secure development practices, vulnerability management, and common software security frameworks.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Proven ability to partner with engineering and legal teams to drive standardization and manage security due diligence.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Excellent written and verbal communication skills, with demonstrated experience facilitating stakeholder alignment and influencing without direct authority</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Experience working in matrixed organizations and managing dependencies across multiple business units.</span></li> </ul> <p>&nbsp;</p><div class="content-conclusion"><h5 style="text-align: center;"><span style="font-weight: 400;">Galileo Financial Technologies</span><span style="font-weight: 400;"> provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion (including religious dress and grooming practices), sex (including pregnancy, childbirth and related medical conditions, breastfeeding, and conditions related to breastfeeding), gender, gender identity, gender expression, national origin, ancestry, age (40 or over), physical or medical disability, medical condition, marital status, registered domestic partner status, sexual orientation, genetic information, military and/or veteran status, or any other basis prohibited by applicable state or federal law.</span></h5> <h5 style="text-align: center;"><span style="font-weight: 400;">The Company hires the best qualified candidate for the job, without regard to protected characteristics.</span></h5> <h5 style="text-align: center;"><span style="font-weight: 400;">Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.</span></h5> <h5 style="text-align: center;"><strong><a href="https://dol.ny.gov/system/files/documents/2022/02/ls740_1.pdf" target="_blank">New York applicants: Notice of Employee Rights</a></strong></h5> <h5 style="text-align: center;"><span style="font-weight: 400;">Galileo is committed to an inclusive culture. As part of this commitment, </span><span style="font-weight: 400;">Galileo </span><span style="font-weight: 400;">offers reasonable accommodations to candidates with physical or mental disabilities. If you need accommodations to participate in the job application or interview process, please let your recruiter know or email </span><a href="mailto:[email protected]" target="_blank"><strong>[email protected]</strong>.</a></h5> <h5 style="text-align: center;"><span style="font-weight: 400;">Due to insurance coverage issues, we are unable to accommodate remote work from Hawaii or Alaska at this time.</span></h5> <div class="gmail_default"><strong>Internal Employees</strong></div> <div class="gmail_default">If you are a current employee, do not apply here - please navigate to our Internal Job Board in Greenhouse to apply to our open roles.</div></div>