Technical Program Manager, Security Operations

About Onebrief

Onebrief is collaboration and AI-powered workflow software designed specifically for military staffs. By transforming this work, Onebrief makes the staff as a whole superhuman - meaning faster, smarter, and more efficient.

We take ownership, seek excellence, and play to win with the seriousness and camaraderie of an Olympic team. Onebrief operates as an all-remote company, though many of our employees work alongside our customers at military commands around the world.

Founded in 2019 by a group of experienced planners, today, Onebrief’s team spans veterans from all forces and global organizations, and technologists from leading-edge software companies. We’ve raised $123m+ from top-tier investors, including Battery Ventures, General Catalyst, Insight Partners, and Human Capital, and today, Onebrief is valued at $1.1B. With this continued growth, Onebrief is able to make an impact where it matters most.

What You Will Achieve

We are seeking a Technical Program Manager (TPM) with a strong background in engineering program delivery, cross-team coordination, and technical risk management to lead remediation efforts across Onebrief’s infrastructure and product teams. This role will partner closely with the TPM – Security Compliance, taking ownership of translating compliance findings, vulnerability reports, and risk assessments into clear, executable engineering initiatives.

The TPM – Engineering ensures remediation tasks are scoped, resourced, prioritized, and completed on schedule, while maintaining velocity for ongoing product development. This is a highly collaborative role that requires technical depth, organizational leadership, and strong communication skills across engineering, IT, product, and executive stakeholders.

Key Responsibilities

• Remediation Program Leadership

• Cross-Departmental Coordination

• Program Tracking & Reporting

• Engineering Process Improvement

• Own remediation programs for findings identified by compliance/security assessments (e.g., FedRAMP, SOC 2, CMMC, NIST RMF).
• Translate vulnerabilities, audit gaps, and technical risks into actionable engineering projects.
• Ensure remediation efforts are prioritized within product and infrastructure roadmaps without derailing business objectives.
• Partner with infrastructure, DevOps, product engineering, IT, and cybersecurity teams to drive timely remediation.
• Track dependencies, remove blockers, and maintain visibility on remediation status across multiple teams.
• Ensure resource allocation for security-driven engineering work.
• Maintain remediation dashboards and reports for executive leadership and auditors.
• Track progress on POA&Ms (Plans of Action and Milestones) and ensure timely closure.
• Escalate risks to leadership when remediation timelines are at risk.
• Develop workflows to integrate remediation into CI/CD pipelines where possible.
• Drive adoption of engineering best practices (e.g., secure coding, automated testing, patching workflows).
• Partner with TPM – Security Compliance to continuously improve how risks are operationalized and tracked.

Qualifications

Required:

• 8+ years of experience in engineering program management, technical project management, or related roles.
• Strong background in coordinating across infrastructure, product engineering, and IT teams.
• Proven ability to translate technical/security requirements into engineering execution plans.
• Experience managing large-scale remediation or migration programs.
• Excellent organizational, prioritization, and communication skills.
• Familiarity with FedRAMP, NIST 800-53, SOC 2, or CMMC frameworks.
• Hands-on background in software engineering, DevOps, or systems engineering.
• Experience with program management tools (e.g., Linear, Jira, Confluence, Asana) and reporting dashboards.
• Certifications such as PMP, PgMP, SAFe, or Agile Program Management.

Preferred: