Senior Security Technical Program Manager

Box, Redwood City, CA
5d, Onsite

About The Position

At Box, our mission is to power how the world works together. To earn and keep customer trust, we must ship products that are secure, private, and compliant—without slowing innovation. We’re looking for a Senior Security Technical Program Manager, Product Risk to lead our Security, Legal, and Compliance (SLC) program across external-facing products. In this role, you’ll embed SLC requirements into product strategies and roadmaps, scale efficient review processes, and deliver clear, data-driven insights that guide executive decisions. You’ll partner with Product, Engineering, Security, Legal, and Compliance to streamline launch reviews, reduce cycle times, and operationalize governance that enables growth while protecting customers and Box.

Requirements

  • 5+ years of program/project management in security, product security, or engineering, partnering closely with software engineering and product teams.
  • Proven experience building and running cross-functional review programs uniting Security, Legal, and Compliance for product/feature launches.
  • Demonstrated ability to operationalize SLC processes integrated into product development lifecycles, with clear intake, triage, routing, and approvals.
  • Strong process design and optimization skills, including defining SLAs and implementing Jira-based automations for cross-functional workflows.
  • Excellent communicator who can translate security, legal, and compliance requirements for technical and non-technical audiences and drive consensus.
  • Influences without direct authority; adept at stakeholder management across product, engineering, and risk functions.
  • Analytical and data-driven, with experience building dashboards and using metrics to inform governance and investment decisions.
  • Proficient with Jira, Confluence, Slack, and collaboration tools; experience maintaining centralized knowledge bases and enablement materials.

Nice To Haves

  • Experience in SaaS/technology; familiarity with privacy, IP, AI risk, or regulatory compliance; Agile/Scrum background; relevant certifications (e.g., CISSP, CCSK, PMP).

Responsibilities

  • Design and evolve portfolio-level SLC governance, prioritization, and decision frameworks grounded in metrics and SLAs.
  • Build and run end-to-end SLC workflows (intake, triage, routing, approvals, risk sign-off) aligned to agile/CI-CD release cycles.
  • Drive cross-functional execution: manage escalations, unblock dependencies, and maintain clear visibility on status, risks, and outcomes.
  • Develop, maintain, and present SLC dashboards (e.g., throughput, cycle time, backlog health, risk trends) to stakeholders and executives.
  • Identify bottlenecks and implement process improvements and Jira automations (workflows, forms, routing rules, notifications).
  • Establish operating rhythms and facilitate effective forums that drive accountability and timely closure of action items.
  • Create and maintain training, enablement, and knowledge base content; deliver sessions tailored to product, engineering, and SLC audiences.
  • Serve as primary point of contact for SLC stakeholders, ensuring consistent, timely communication via Slack, Confluence, and other tools.

Benefits

  • Box lives its values, with community and in-person collaboration being a core part of our culture.
  • Boxers are expected to work from their assigned office a minimum of 3 days per week.
  • Box is committed to fair and equitable compensation practices.
  • Actual base salary (or OTE if commissionable role) is dependent upon factors such as: knowledge, skill level, experience, and work location.
  • This role is also eligible for equity and benefits.
  • For more information on benefits, check out our healthcare benefits and additional Box Benefits + Perks.
  • In accordance with OFCCP compliance, here is the Pay Transparency Provision.