Senior Technical Program Manager, Information Security

ABOUT THE ROLE

Peloton is seeking a Senior Technical Program Manager (TPM) to drive program and project management for the Information Security (InfoSec) department. You will work with a variety of business and technical stakeholders, vendors, and internal teams, and be assigned to projects and programs as they arise and as your bandwidth permits.

InfoSec provides a targeted set of services, support, and capabilities to prevent cyber attacks from occurring, rapidly detect and contain them when they do, and render data useless were it to leak. The scope of InfoSec at Peloton is global, across all departments and technologies.

We’re looking to hire someone who possesses a high level of integrity and personal accountability, strong interpersonal skills, and information security domain expertise. The successful candidate will be a proactive team player with a bias for action who demonstrates great attention to detail. In this role, you will - 

1. Lead technical projects and operational programs from inception through closure
2. Manage relationships with internal and external partners as well as within the InfoSec department
3. Help InfoSec collaborate across Peloton to increase the security posture of our company

THING TO CONSIDER 

• We’re a high-growth company, and our processes are in various states of maturity
• We regularly assess the state of the department, the business, and the company, and revisit what processes (and levels of process maturity) are needed for us to reach current and future objectives - you will play a large role in these decisions and changes for the projects and programs you support, and in the Information Security department
• We firmly believe in conducting retrospectives and driving managed, continuous, improvement - you will facilitate many of these and are expected to facilitate and participate in an open and constructive dialogue
• We’re doing a lot really fast - you may be asked to flex outside of your role from time to time. On the other hand, we believe in appropriate work/life balance, and you’ll be asked regularly to gauge your capacity against new efforts to prevent overloading.

YOUR DAILY IMPACT AT PELOTON

• Domain knowledge
• Identify scalable solutions to systemic security issues
• Possess expanded security technology depth
• Possess extensive partner technology and business knowledge
• Write security requirements, threat models, policies, and business and functional requirements and design documents for technical security/automation solutions
• Accurately analyze, identify, and triage security and business risks
• Provide balanced risk remediation recommendations and strategies
• Program governance
• Kick off and run programs and projects with full ownership, effective collaboration, and good process
• Measure program success and risks using data and facts
• Provide clear, accurate, consistent, and timely communications
• Are recognized as an influential and trusted partner because you are compassionate to the needs and situations of both partners and of InfoSec
• Advance Peloton’s Security IQ and culture
• Successfully manage multiple, simultaneous, complex, high-visibility efforts
• Build processes, templates, and structure, or leverage existing ones as appropriate, considering the cost vs benefit of change before implementing
• Antiracism and Inclusivity: Peloton has made a commitment to antiracism
• Contribute to creating a more inclusive culture and environment at Peloton
• Endorse, create, and maintain antiracist policies and processes

YOU BRING TO PELOTON

• Have 4+ years of experience
• Have a flexible (whether proactive or reactive, as the situation requires) approach to change
• Deliver outcomes and overcome obstacles constructively in order to move forward
• Consistently operate above the line
• Are forward-looking and thoughtful
• Are a strong listener with the ability to deeply understand, ask the right questions,  and proactively pursue constructive feedback
• Are capable of staying on track and pursuing solutions without supervision

BONUS

• Experience using Smartsheet, Confluence, Jira, and/or GSuite - we don’t use Microsoft Office, Microsoft Outlook, or Microsoft Project here
• PSIRT or product vulnerability disclosure program experience

#LI-AW1 

#LI-Remote

ABOUT PELOTON:

Peloton is the leading interactive fitness platform globally, with a passionate community of nearly 7 million Members in the US, UK, Canada, Germany, and Australia. Peloton makes fitness entertaining, approachable, effective, and convenient, while fostering social connections that motivate its Members to commit to their fitness journeys. An innovator at the nexus of fitness, technology, and media, Peloton reinvented the fitness industry by developing a first-of-its-kind subscription platform that seamlessly combines the best equipment, proprietary networked software, world-class streaming digital fitness and wellness content, and best-in-class fitness experts and Instructors..

Peloton is an equal opportunity employer and committed to creating an inclusive environment for all of our applicants. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

Please be aware that fictitious job openings, consulting engagements, solicitations, or employment offers may be circulated on the Internet in an attempt to obtain privileged information, or to induce you to pay a fee for services related to recruitment or training. Peloton does NOT charge any application, processing, or training fee at any stage of the recruitment or hiring process. All genuine job openings will be posted here on our careers page and all communications from the Peloton recruiting team and/or hiring managers will be from an @onepeloton.com email address. 

If you have any doubts about the authenticity of an email, letter or telephone communication purportedly from, for, or on behalf of Peloton, please email [email protected] before taking any further action in relation to the correspondence.

Peloton does not accept unsolicited agency resumes. Agencies should not forward resumes to our jobs alias, Peloton employees or any other organization location. Peloton is not responsible for any agency fees related to unsolicited resumes.