Apply in 3 Minutes! Technical Program Manager - Cloud Security / Governance, Risk & Compliance
Company: NetApp
Location: Jacksonville
Posted on: July 14, 2025
Job Description:
About NetApp
NetApp is the intelligent data infrastructure company, turning a
world of disruption into opportunity for every customer. No matter
the data type, workload or environment, we help our customers
identify and realize new business possibilities. And it all starts
with our people. If this sounds like something you want to be part
of, NetApp is the place for you. You can help bring new ideas to
life, approaching each challenge with fresh eyes. Of course, you
won't be doing it alone. At NetApp, we're all about asking for help
when we need it, collaborating with others, and partnering across
the organization - and beyond.

About NetApp
We’re forward-thinking technology people with heart. We make our
own rules, drive our own opportunities, and try to approach every
challenge with fresh eyes. Of course, we can’t do it alone. We know
when to ask for help, collaborate with others, and partner with
smart people. We embrace diversity and openness because it’s in our
DNA. We push limits and reward great ideas. What is your great
idea?

About the Role
As a GRC TPM in the Cloud business, you will
join a growing Security & Compliance team within NetApp’s
fastest-growing business - https://cloud.netapp.com/. The role is
to design, implement, and assess security controls from a technical
lens. If you are passionate about doing Security & Compliance at
the cloud scale in an innovative and automated
(compliance-as-a-code) way – this role is for you. The position can
influence and impact security, compliance, and assurance efforts
across teams, products, and functions within the company. For the
right candidate, the role will be shaped and scoped based on your
strengths. We are looking at a broad set of skills. Let’s chat.

Responsibilities
- Drive compliance with a technical lens.
- Design, implement, maintain, and improve compliance programs to
  address key risks and prepare product teams for assessments against
  various regulatory and compliance frameworks (ISO/IEC 27001, SOC2,
  PCI, NIST, FedRAMP, etc.)
- Partner with Engineering, SRE, Product, Cloud Security, Legal,
  Privacy, and Corporate Security teams to collaborate on pragmatic
  solutions to security risks and compliance issues.
- Assist with improving internal policies, processes, and overall
  security governance.
- Drive automation and assist with the adoption of GRC tooling
  within the business.
- Perform technical gap assessments and risk assessments.
- Facilitate control monitoring activities.
- Work closely with the Cloud Security team on initiatives and any
  risks impacting your area of responsibility.
- Identify opportunities that create a positive impact on our
  activities and achieve efficiencies.
- Maintain and optimize security compliance monitoring and alerting
  systems and advise control owners on system policy violations.

Job Requirements
- 5 years of experience in building and maintaining security risk &
  compliance programs.
- Experience in implementing technical security controls and
  assessing compliance standards (ISO/IEC 27001, SOC2, PCI, NIST,
  FedRAMP, etc.) over infrastructure, applications, and Development
  and Cloud Engineering processes.
- Ability to assess security risks in a cloud environment
- Strong understanding of technical concepts relevant to cloud
  computing environments: virtual infrastructure (cloud resources on
  AWS/Azure, Kubernetes technology, and containers), logical access
  control, DevOps development process, secure coding principles,
  CI/CD processes, logging & monitoring, incident response,
  cryptography, network security, and privacy, etc.
- Familiarity with native security and compliance capabilities
  within cloud providers and technologies/processes around SIEM,
  vulnerability scanning, cloud security configuration, endpoint
  detection & response tools, and other infrastructure security tools
- Excellent writing and communication skills with attention to detail
- Strong project management and organizational skills - must be able
  to drive your own projects to completion.
- Ability to work in a fast-paced and sometimes unorganized
  environment with multiple teams

A big plus if you have any of these
- Similar experience within a SaaS product company or Big4
  auditing/consulting experience with a strong focus on Security
  advisory
- Experience with FedRAMP

Education
- Bachelor's or Master of Engineering – preferably in Computers or IT.
- Professional certifications/education in Security/Compliance -
  AWS certifications, CISA, CISSP, CCSK, CIPP, or similar ISO 27001

Compensation: The target salary range for this position is 130,050 -
193,600 USD. The salary offered will be determined by the
candidate's location, qualifications, experience, and education and
may be outside of this range. Final compensation packages are
competitive and in line with industry standards, reflecting a
variety of factors, and include a comprehensive benefits package.
This may cover Health Insurance, Life Insurance, Retirement or
Pension Plans, Paid Time Off (PTO), various Leave options,
Performance-Based Incentives, employee stock purchase plan, and/or
restricted stocks (RSUs), with all offerings subject to regional
variations and governed by local laws, regulations, and company
policies. Benefits may vary by country and region, and further
details will be provided as part of the recruitment process.

At NetApp, we embrace a hybrid working environment designed to
strengthen connection, collaboration, and culture for all
employees. This means that most roles will have some level of
in-office and/or in-person expectations, which will be shared
during the recruitment process.

Equal Opportunity Employer: NetApp is firmly committed to Equal
Employment Opportunity (EEO) and to compliance with all federal,
state and local laws that prohibit employment discrimination based
on age, race, color, gender, sexual orientation, gender identity,
national origin, religion, disability or genetic information,
pregnancy, protected veteran status, and any other protected
classification.

Why NetApp?
We are all about helping customers turn challenges into business
opportunity. It starts with bringing new thinking to age-old
problems, like how to use data most effectively to run better - but
also to innovate. We tailor our approach to the customer's unique
needs with a combination of fresh thinking and proven approaches.
We enable a healthy work-life balance. Our volunteer time off
program is best in class, offering employees 40 hours of paid time
per year to volunteer with their favorite organizations. We provide
comprehensive medical, dental, wellness, and vision plans for you
and your family. We offer educational assistance, legal services,
and access to discounts. Finally, we provide financial savings
programs to help you plan for your future. If you want to help us
build knowledge and solve big problems, let's talk.
Keywords: NetApp, Fayetteville, Apply in 3 Minutes! Technical Program Manager - Cloud Security / Governance, Risk & Compliance, IT / Software / Systems, Jacksonville, North Carolina