Senior Technical Program Manager - Product Security
Zoox
IT, Product, Operations
Foster City, CA, USA
Posted on Mar 6, 2025
Zoox has embarked on a highly ambitious journey to develop a full-stack autonomous mobility solution for our cities. As a technical program manager, you will work cross-functionally with engineering and product leaders to make cybersecurity an integral part of both their long-term plans and tactical work despite conflicting priorities and tight schedules.
On one side, you will make it easy for teams to say "yes" to security initiatives by developing project schedules, identifying milestones, flagging risks, estimating budgets, and clearly communicating priorities and progress. On the other side, you will facilitate work of Product Security teams by aligning team capabilities and availability to needs, projects, priorities, and timelines; by relentlessly over-communicating what you did, are doing, and plan to do; and by critically examining, fine-tuning, and suggesting tools and processes teams use to get things done.
The Product Security organization at Zoox is a specialist, multi-team group that focuses on the cybersecurity aspects of anything related to the core Zoox product - our mobility service. Product Security serves a number of engineering teams across software, hardware, vehicle engineering, and other divisions. The group collaborates with and implements the policy of Zoox-wide information security and governance organizations.
In this role, you will:
- Work with engineering teams, product teams, and leaders to translate corporate strategy into detailed product roadmaps, timelines, and deliverables while driving cybersecurity initiatives across connected vehicle systems
- Drive product security initiatives across connected vehicle systems, ensuring protection of in-vehicle networks, telematics, and cloud-based services and own programs such as product risk assessment and management, incident response and continuous monitoring for various company milestones.
- Create and deliver technical presentations that explain program initiatives and establish standard reports for effective stakeholder communications on program status, issues/risks, and accomplishments
- Partner with cross-functional teams (engineering, product, security, policy/legal) to design and implement secure architectures and integrate cybersecurity protocols into vehicle development processes
- Create, manage and refine processes and tools to identify cybersecurity risks and vulnerabilities in vehicle systems, developing mitigation strategies to ensure compliance with industry standards and regulations (e.g., ISO/SAE 21434, UNECE WP.29), while demonstrating, testing, and gathering feedback on security product initiatives
- Analyze and report on deployed security tools and provide information needed for the development of security products to all stakeholders
- As a senior member of the Program Management organization, set meeting agendas to eliminate bottlenecks, model Zoox values, ensure diverse voices are heard, and help develop the next generation of Program Management specialists
Qualifications
- BS or MS degree in computer science, engineering or equivalent job experience
- At least 8 years of experience in engineering, program management, or management consulting
- Strong track record of managing complex, long-running, cross-functional projects
- Deep familiarity with software, hardware, or automotive development processes
- An ability to keep the big picture in focus and to provide clear, well-structured, and concise communications tailored to each appropriate audience
- Strong Technical and Analytical Skills: A solid technical background in cybersecurity (network security, cryptography, secure software development) with experience identifying vulnerabilities, conducting risk assessments, and managing security lifecycle programs across multiple domains (e.g., vehicle architecture, telematics, cloud).
- Strong references that highlight your ability to build strong working relationships with senior leaders and engineers across functions and departments and to advance your goals without having direct authority
Bonus Qualifications
- Experience in Automotive Cybersecurity: Extensive experience (5+ years) managing cybersecurity programs specific to the automotive industry, with a solid understanding of cybersecurity in connected vehicles, embedded systems, and automotive protocols (e.g., CAN, Ethernet, V2X)
Compensation and Benefits
There are three major components to compensation for this position: salary, Amazon Restricted Stock Units (RSUs), and Zoox Stock Appreciation Rights. The salary will range from $197,000 to $236,000. A sign-on bonus may be part of a compensation package. Compensation will vary based on geographic location, job-related knowledge, skills, and experience.
Zoox also offers a comprehensive package of benefits including paid time off (e.g. sick leave, vacation, bereavement), unpaid time off, Zoox Stock Appreciation Rights, Amazon RSUs, health insurance, long-term care insurance, long-term and short-term disability insurance, and life insurance.