Make Your Resume Now

Senior Technical Program Manager, Product Security

Chanzuckerberginitiative
United States
Posted March 02, 2026

Job Overview

The Chan Zuckerberg Initiative was founded in 2015 by Priscilla Chan and Mark Zuckerberg to harness the power of technology to pursue some of society’s most ambitious goals — from curing or preventing all disease to transforming how students learn.

At CZI, you’ll join a deeply collaborative, mission-driven community where your work helps drive breakthroughs across our flagship nonprofit organizations, Biohub and Learning Commons. Whether enabling scientific breakthroughs via open science and AI-powered biology or strengthening the tools teachers and students rely on every day, your contributions help turn bold ideas into real-world impact.

Our teams operate at the intersection of innovation and scale, building the infrastructure, partnerships, and capabilities that allow scientists, educators, and innovators to tackle some of the most complex challenges of our time — and to do so with urgency, integrity, and optimism.

The Team

The Operations team is a key partner in enabling Biohub’s pioneering work to combine frontier AI with frontier biology to solve disease and Learning Commons’ mission to build AI infrastructure that aligns how students learn with the tools that shape their learning experiences.

Operations includes our Central Tech, Finance, Marketing & Communications, People, and Real Estate / Workplace / Events / Facilities / Security (REWFS) teams. Together, these teams create the systems, programs, and experiences that empower our partners and colleagues across Biohub and Learning Commons to drive impact.

This work requires strategic and operational rigor, creativity, and deep collaboration. Whether designing world-class employee experiences, safeguarding data and infrastructure, or shaping how we communicate our impact, Operations plays a critical role in helping deliver meaningful change at scale.

The Opportunity

We are seeking a Technical Program Manager with expertise in Application Security, specifically in identifying vulnerabilities and then scoping and implementing novel solutions to eliminate those weaknesses at scale. We don't just identify and fix security vulnerabilities - we go beyond by creating paved roads and secure frameworks to avoid security vulnerabilities in the first place. You will be expected to operate using in-depth subject-matter knowledge at a technical level with developers and engineers across large organizations. Your security and development experience will be relied upon to provide secure foundations to the application and infrastructure teams that underpin the CZI Enterprise.

The role will help shape the product and application security that protects scientific and educational innovation at the Chan Zuckerberg Initiative, Biohub and Learning Commons. You’ll work alongside a dynamic team of engineers, Product Managers, and Security Professionals, building shared tools and platforms that support a diverse group of Research Scientists, Data Scientists, AI Researchers, and Engineers tackling some of the world’s most complex problems. As part of the Information Security team, your work will directly impact all of CZI’s initiatives by ensuring the security and scalability of the technology solutions that drive our mission forward.

What You'll Do

  • Conceive, design, develop, and improve industry-leading security tooling, automation, architecture, and/or frameworks that enable enterprise teams at scale to deliver applications and services with appropriate security controls to meet evolving requirements for security and privacy
  • Identify and eliminate classes of security problems by shifting detection and prevention left into the development workflow
  • Provide just-in-time, actionable, technical security guidance to enterprise application and service teams
  • Ensure prioritization, resourcing, and timely delivery of work within a changing business environment
  • Collaborate with cross-functional teams to ensure security work is being prioritized and addressed
  • Drive end-to-end execution of technical security projects, including requirements gathering, scoping, status updates, and delivery milestones.
  • Establish and report metrics to track compliance, program health, and ongoing risk posture.
  • Coordinate with third-party vendors and auditors to augment internal security capabilities
  • Serve as a subject matter expert on infrastructure, architecture, and application security, offering guidance to technical and non-technical stakeholders.
  • Support security reviews, threat modeling, and incident response efforts for applications and production infrastructure.

What You'll Bring

  • 5+ years of technical program management or equivalent experience, with a specific focus on security or application security.
  • Demonstrated proficiency with secure SDLC processes and best practices for integrating security throughout the software development lifecycle.
  • Hands-on experience designing and managing security controls within CI/CD pipelines, using automation frameworks to enable secure code delivery and rapid remediation.
  • Familiarity with threat modeling, static and dynamic application security testing (SAST/DAST), and software composition analysis (SCA) tools.
  • Deep understanding of DevSecOps principles, security automation, and infrastructure-as-code security.
  • Experience driving the adoption of vulnerability management, architectural best practices, and incident response for cloud-native and distributed applications.
  • Knowledge of container security (Docker, Kubernetes), microservices architectures, and cloud platform security (AWS, Azure, GCP).
  • Experience leading end-to-end security architecture design and governance across complex, cloud-native, and hybrid enterprise environments, aligning security capabilities to business and risk objectives.
  • Proven ability to define and maintain reference architectures, security patterns, and control standards spanning network, identity, data protection, and application security domains.
  • Skilled in conducting architecture risk assessments and design reviews, ensuring new and existing solutions meet zero trust, defense-in-depth, and compliance requirements in regulated industries.

Compensation

The Redwood City, CA base pay range for a new hire in this role is $190,000.00 - $261,800.00. New hires are typically hired into the lower portion of the range, enabling employee growth in the range over time. Actual placement in range is based on job-related skills and experience, as evaluated throughout the interview process. 

Better Together

As we grow, we’re excited to strengthen in-person connections and cultivate a collaborative, team-oriented environment. This role is a hybrid position requiring you to be onsite for at least 60% of the working month, approximately 3 days a week, with specific in-office days determined by the team’s manager. The exact schedule will be at the hiring manager's discretion and communicated during the interview process.

Benefits for the Whole You 

We’re thankful to have an incredible team behind our work. To honor their commitment, we offer a wide range of benefits to support the people who make all we do possible. 

  • Provides a generous employer match on employee 401(k) contributions to support planning for the future.
  • Paid time off to volunteer at an organization of your choice. 
  • Funding for select family-forming benefits. 
  • Relocation support for employees who need assistance moving

If you’re interested in a role but your previous experience doesn’t perfectly align with each qualification in the job description, we still encourage you to apply as you may be the perfect fit for this or another role.

#LI-Hybrid

    Facebook Instagram Medium Linkedin X YouTube    
 

Ready to Apply?

Take the next step in your career journey

Apply Show More Jobs

Stand out with a professional resume tailored for this role

Build Your Resume – It’s Free!