Senior Security Program Manager

We are looking for a strategic Senior Security Program Manager with experience managing a complex information security and compliance program. You will report to Senior Manager, Information Security. You will have a strong background in cybersecurity and compliance, with proven experience managing multiple compliance audits, multiple products, and large security initiatives with cross-functional teams. You will manage projects related to compliance controls mapping, organizational security improvements, and external audits. The compliance program encompasses FedRAMP, StateRAMP, TxRAMP, ISO 27001, SOC 2, PCI, HIPAA, FISMA, CJIS, and Cyber Essentials. 

• Lead and manage the security program initiatives, ensuring alignment with Granicus’ security objectives
• Collaborate with management to define security priorities
• Manage program improvements for control mapping across the organization, compliance frameworks, and products
• Lead continuous improvement and growth project for response and recovery, including incident response, backups, failover / switchover, disaster recovery, and business continuity
• Support risk management program activities, and drive continuous improvements to the risk assessment and reporting process
• Coordinate internal and external audits, including planning, scheduling, and ensuring tracking of findings or continuous improvement recommendations
• Contribute to review and update cycles of policies and trainings, along with other security stakeholders
• Work with cross-functional stakeholders to identify and/or track security improvements
• Regularly report status and next steps to management

• 7+ years in information security program management, with at least 5 years in a leadership or program management role
• Proven track record of managing large-scale security programs and initiatives, working with cross-functional teams
• Experience with external audits, such as FedRAMP, ISO 27001, and SOC 2 in order to manage audit planning, audit activities, and projects to build out audit runbooks
• In-depth knowledge of common security frameworks, such as NIST 800-53, ISO 27001, PCI, HIPAA, SOC 2, and/or Cyber Essentials
• Experience working with a robust product set of software and cloud services, including SaaS offerings hosted in AWS, Azure and/or GCP
• Experience with risk management, incident response, disaster recovery, and business continuity
• Strong understanding of cloud security controls, including network security and data protection controls
• Familiarity with common security technologies, including SIEM, firewalls, IDS/IPS, encryption tools, and endpoint protection
• Excellent leadership and interpersonal skills; strong communication skills, written and verbal
• Experience working with software development and cloud operations teams at a SaaS and software company
• Ability to communicate complex requirements and security concepts to technical and non-technical teams
• Detail-oriented and able to manage multiple projects effectively
• Experience working in a highly regulated environment is a plus (e.g., CJIS, HIPAA, FISMA, government, finance/banking, healthcare, or FedRAMP / DoD IL)
• Relevant degrees or security certifications are a plus, such as CISSP, SEC+, CISM, CISA, CDPSE, or equivalent 

The Team

We area globally distributed workforce across the United States, Canada, United Kingdom, India, Armenia, Australia, and New Zealand.

The Culture

At Granicus, we are building a transparent, inclusive, and safe space for everyone who wants to be a part of our journey. A few culture highlights include –

-        Employee Resource Groups to encourage diverse voices

-        Coffee with Mark sessions – Our employees get to interact with our CEO on very important and sometimes difficult issues ranging from mental health to work life balance and current affairs.

-        Embracing diversity & fostering a culture of ideation, collaboration & meritocracy

-        We bring in special guests from time to time to discuss issues that impact our employee population

The Company

Serving the People Who Serve the People

Granicus is driven by the excitement of building, implementing, and maintaining technology that is transforming the Govtech industry by bringing governments and its constituents together. We are on a mission to support our customers with meeting the needs of their communities and implementing our technology in ways that are equitable and inclusive. Granicus has consistently appeared on the GovTech 100 list over the past 5 years and has been recognized as the best companies to work on BuiltIn.

Over the last 25 years, we have served 5,500 federal, state, and local government agencies and more than 300 million citizen subscribers power an unmatched Subscriber Network that use our digital solutions to make the world a better place. With comprehensive cloud-based solutions for communications, government website design, meeting and agenda management software, records management, and digital services, Granicus empowers stronger relationships between government and residents across the U.S., U.K., Australia, New Zealand, and Canada. By simplifying interactions with residents, while disseminating critical information, Granicus brings governments closer to the people they serve—driving meaningful change for communities around the globe.

Want to know more? See more of what we do here.

The Impact

We are proud to serve dynamic organizations around the globe that use our digital solutions to make the world a better place — quite literally. We have so many powerful success stories that illustrate how our solutions are impacting the world. See more of our impact here.

The Process

-        Assessment – Take a quick assessment.

-        Phone screen – Speak to one of our talented recruiters to ensure this could be a fit.

-        Hiring Manager/Panel interview – Talk to the hiring manager so they can learn more about you and you about Granicus. Meet more members on the team! Learn more and share more.

-        Reference checks – Provide 2 references so we can hear about your awesomeness.

-        Verbal offer – Let’s talk numbers, benefits, culture and answer any questions.

-        Written offer – Sign a formal letter and get excited because we sure are!

Benefits at Granicus India

Along with the challenges of the job, Granicus offers employees an attractive benefits package which includes –

-        Hospitalization Insurance Policy covering employees and their family members including parents

-        All employees are covered under Personal Accident Insurance & Term Life Insurance policy

-        All employees can avail annual health check facility 

-        Eligible for reimbursement of telephone and internet expenses

-        Wellness Allowance to avail health club memberships and/or access to physical fitness centres

-        Wellbeing Wednesdays which includes 1x global Unplug Day and 2x No Meeting Days every quarter

-        Memberships for ‘meditation and mindfulness apps including on-demand mental health support 24/7 

-        Access to learning management system Say., LinkedIn Learning Premium account membership & many more

-        Access to Rewards & recognition portal and quarterly recognition program

Security and Privacy Requirements

-        Responsible for Granicus information security by appropriately preserving the Confidentiality, Integrity, and Availability (CIA) of Granicus information assets in accordance with the company's information security program.

-        Responsible for ensuring the data privacy of our employees and customers, their data, as well as taking all required privacy training in a timely manner, in accordance with company policies. 

Granicus is committed to providing equal employment opportunities. All qualified applicants and employees will be considered for employment and advancement without regard to race, color, religion, creed, national origin, ancestry, sex, gender, gender identity, gender expression, physical or mental disability, age, genetic information, sexual or affectional orientation, marital status, status regarding public assistance, familial status, military or veteran status or any other status protected by applicable law.