Security Technical Program Manager

Employee Applicant Privacy Notice

Who we are:

Welcoming, collaborative and having the opportunity to make an impact - is how our employees describe working here.  Galileo is a financial technology company that provides innovative and revolutionary software products and services that power some of the world's largest Fintechs. We are the only payments innovator that applies tech and engineering capabilities to empower Fintechs and financial institutions to unleash their full creativity to achieve their most inspired goals. Galileo leads its industry with superior fraud detection, security, decision-making analytics and regulatory compliance functionality combined with customized, responsive and flexible programs to accelerate the success of all payments companies and solve tomorrow's payments challenges today. We hire energetic and creative employees while providing them the opportunity to excel in their careers and make a difference for our clients. Learn more about us and why we work here at https://www.galileo-ft.com/working-at-galileo.

Role Overview

The Security Technical Program Manager (TPM) will be responsible for the definition, execution, and oversight of critical security programs focused on client assurance, operational compliance, and platform security. This role requires a strong focus on program management and cross-functional coordination to embed security and legal standardization across client projects and manage ongoing compliance activities. The ideal candidate will drive the standardization of legal verbiage and security practices across the organization's client-facing work, ensuring predictable execution, reduced risk, and consistent security standards for client codebases. This role partners closely with Security, Engineering, Legal, Compliance, and Client teams.

Key Responsibilities

Portfolio & Program Management

• Own the portfolio view of Tech Platforms within the broader security strategy.
• Structure and manage strategic programs required to deliver roadmap objectives
• Define milestones, delivery plans, and success metrics for major initiatives.
• Track progress against portfolio commitments and escalate risks proactively.
• Manage cross-functional dependencies across Engineering, Product Management, Legal, and other stakeholders.
• Support quarterly and annual planning cycles, including investment
• Ensure predictable execution through structured governance and reporting cadence.

Cross-Functional Collaboration

• Collaborate with Engineering, Product Management, Legal, Risk, and Compliance stakeholders.
• Facilitate stakeholder alignment, trade-off decisions (e.g., security vs. speed), and expectation management.
• Influence without direct authority to drive secure design principles and manage cross-functional projects to ensure delivery.

Client Project Standardization:

• Lead the strategic initiative to standardize legal verbiage and security requirements across client projects.
• Client Code Security: Drive implementation of consistent security standardization to secure client codes and ensure ongoing maintenance and protection of the codebase.
• Own the coordination of security deployment approvals for client projects with clients, engineering and security teams

Operational Security & Compliance

• Coordinate PCI compliance efforts by creating required reports and managing activities for all PCI accounts.Manage the coordination of the yearly PCI/ISO Audit for all accounts within the Tech Platform.Conduct quarterly User Access Reviews (UAR) to certify user access for AWSGenerate and report artifacts for 1LOD, 2LOD, 3LOD for corrective action plan and risk reduction plans

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, or related discipline.
• 5+ years of experience in technical program management, cybersecurity, or risk management
• Demonstrated experience in Product Security (AppSec), DevSecOps, or AI/ML Security domains.
• Demonstrated experience building and managing strategic roadmaps tied to measurable outcomes.
• Strong understanding of security compliance frameworks (e.g., PCI, ISO) and operational security domains (e.g., User Access Reviews, AWS security roles, Secure SDLC/SAST)
• Strong understanding of secure development practices, vulnerability management, and common software security frameworks.
• Proven ability to partner with engineering and legal teams to drive standardization and manage security due diligence.
• Excellent written and verbal communication skills, with demonstrated experience facilitating stakeholder alignment and influencing without direct authority
• Experience working in matrixed organizations and managing dependencies across multiple business units.

Galileo Financial Technologies provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion (including religious dress and grooming practices), sex (including pregnancy, childbirth and related medical conditions, breastfeeding, and conditions related to breastfeeding), gender, gender identity, gender expression, national origin, ancestry, age (40 or over), physical or medical disability, medical condition, marital status, registered domestic partner status, sexual orientation, genetic information, military and/or veteran status, or any other basis prohibited by applicable state or federal law.

The Company hires the best qualified candidate for the job, without regard to protected characteristics.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

New York applicants: Notice of Employee Rights

Galileo is committed to an inclusive culture. As part of this commitment, Galileo offers reasonable accommodations to candidates with physical or mental disabilities. If you need accommodations to participate in the job application or interview process, please let your recruiter know or email accommodations@sofi.com.

Due to insurance coverage issues, we are unable to accommodate remote work from Hawaii or Alaska at this time.