Principal Technical Program Manager

Job Summary
F5 is committed to shaping a better digital future by empowering organizations worldwide to build, secure, and operate applications that elevate digital experiences. With a deep focus on cybersecurity, F5 protects consumers from fraud while enabling companies to innovate with confidence. The company embraces a people-centered culture, dedicated to improving customer outcomes and fostering a diverse, inclusive community where every individual can thrive.

Key Responsibilities
Program Management: Lead the strategic planning and execution of essential security programs, including vulnerability management, security tool deployment, CVE tracking, and enforcement of Security Software Development Life Cycle (SDLC) best practices. Oversee program roadmaps, timelines, deliverables, and reporting to ensure alignment with business objectives and security standards. Drive critical security metrics such as vulnerability remediation rates and risk reduction efforts.

Security SDLC and Vulnerability Management: Partner with engineering and security teams to integrate Security SDLC practices throughout the development lifecycle. Manage vulnerability detection, assessment, and remediation initiatives to guarantee timely resolution of security risks across F5 products. Establish governance processes for handling externally reported vulnerabilities, prioritizing and resolving them efficiently.

Cross-Functional Collaboration: Develop and maintain strong partnerships with software engineering, product management, cybersecurity, IT, and operations teams to ensure security goals are aligned. Act as the central coordinator for security initiatives, facilitating clear communication between technical and non-technical stakeholders to clarify priorities and timelines.

Risk and Compliance Management: Align security requirements with organizational risk tolerance and compliance frameworks, collaborating with internal and external auditors as necessary. Ensure compliance with corporate and industry security policies while supporting development velocity. Proactively identify and mitigate security risks through continuous monitoring.

Process Improvement and Tooling: Evaluate existing security practices and tools to identify gaps and improve efficiency. Lead the implementation of automated tools for static and dynamic code analysis, dependency scanning, and configuration management to detect vulnerabilities early in the development process.

Metrics and Reporting: Define and monitor key performance indicators (KPIs) related to security efforts, including vulnerability remediation and incident response service level agreements (SLAs). Deliver clear, actionable updates to executive leadership and stakeholders on program status, risks, and outcomes.

Required Qualifications
- Bachelor’s degree in Computer Science, Software Engineering, Cybersecurity, or a related technical field; Master’s degree preferred.
- At least 8 years of program management experience, with a minimum of 3 years focused on security programs, vulnerability management, or security operations; 10+ years preferred for principal-level roles.
- Demonstrated success implementing Security SDLC processes and collaborating with software teams to deliver secure, production-ready solutions.
- Strong knowledge of security domains, including vulnerability scanning tools (e.g., Tenable Nessus, Snyk, Qualys), CVE tracking, dependency management, and secure coding practices.
- Deep understanding of software development methodologies such as Agile and DevSecOps.
- Familiarity with CI/CD pipelines and security testing tools like SonarQube, Checkmarx, and Veracode.
- Basic expertise in threat modeling and risk assessment techniques.
- Excellent leadership and communication skills, with the ability to influence diverse stakeholders and explain complex security concepts to both technical and non-technical audiences.
- Strong problem-solving skills and sound decision-making abilities in fast-paced environments.

Preferred Qualifications and Benefits
- Project management certifications such as PMP, PgMP, or PMI-ACP; security certifications including CISSP, CISM, or CISA.
- Experience with cloud security and platform-oriented vulnerability management tools (e.g., Bugzilla).
- Awareness of emerging cybersecurity trends and zero-day vulnerability exploitation.
- Knowledge of networking and application delivery technologies; familiarity with F5 products is advantageous.

F5 is an equal opportunity employer committed to diversity and inclusion. Employment decisions are made without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, disability, veteran status, or any other protected classification. Reasonable accommodations are available upon request during the application process.