How you can make a difference
We are seeking a highly skilled and technically proficient Senior Data Security Technical Program Manager to lead our enterprise-wide Data Security Program. This role is ideal for a former security engineer with strong program and product management capabilities, who thrives in cross-functional environments and is passionate about protecting sensitive data across complex ecosystems.
What you’ll be doing
- Lead and own the Data Security Program, including the development and enforcement of data security standards.
- Oversee sensitive data discovery, access management, protection (at rest, in transit, in use), key management lifecycle, and availability through immutable data backups.
- Collaborate with Product, Technology, IT, data governance, legal, privacy, and business stakeholders.
- Working with data governance and privacy teams to build the sensitive data lineage across the applications and HealthEquity ecosystem. This lineage will help drive data retention, and protection functions.
- Serve as the primary liaison for service delivery, standards alignment, and stakeholder engagement.
- Implement cryptographic techniques such as encryption, tokenization, hashing, and key management.
- Apply data security controls across structured and unstructured environments.
- Evaluate, select, and manage vendors for data discovery, access management, protection, and backup solutions (e.g., Securiti.ai, Rubrik, Microsoft Purview).
- Manage multiple concurrent projects related to standards, discovery, access, protection, and backups.
- Track metrics, enforce schedules, triage issues, and provide executive-level reporting.
- Assess current tools and data environments.
- Deploy new technologies and measure the effectiveness of controls and processes.
- Identify and address gaps such as unprotected data, unclear retention policies, and excessive data storage.
- Partner with governance teams to optimize data retention and protection strategies.
- Ensure compliance and effective communication with legal, privacy, technology, and business teams.
- Drive successful program delivery through proactive engagement and collaboration.
What you will need to be successful
Regulatory Expertise: Strong knowledge of PCI DSS and HIPAA requirements, with experience implementing and managing controls, audits, and compliance programs.
Security & Risk Management: Skilled in information security principles, risk assessments, vulnerability management, and use of security tools (e.g., vulnerability scanners, SIEM systems).
Professional Experience: 7+ years in data security, technical program management, or related roles; prior experience as a Security Engineer moving into program/product management.
Technical Skills: Proficient in cryptography, format-preserving encryption/tokenization, enterprise security controls, and tools/platforms like Securiti.ai, Rubrik, and Microsoft Purview.
Leadership: Proven success managing complex, cross-functional initiatives, with excellent communication, stakeholder management, and leadership skills.
Education: Bachelor’s degree in Computer Science, Information Security, Engineering, or related field preferred.
#LI-Remote
This is a remote position.
