Staff Program Manager, Information Security

Staff Program Manager, Information SecurityJoin to apply for the Staff Program Manager, Information Security role at Redwood MaterialsStaff Program Manager, Information SecurityJoin to apply for the Staff Program Manager, Information Security role at Redwood MaterialsGet AI-powered advice on this job and more exclusive features.About Redwood MaterialsRedwood Materials was founded in 2017 to create a circular supply chain for electric vehicles and clean energy products, making them more sustainable and driving down the cost for batteries. We're doing this by developing and deploying new technologies to increase the scope and scale of recycled and sustainable materials in the global battery supply chain.About Redwood MaterialsRedwood Materials was founded in 2017 to create a circular supply chain for electric vehicles and clean energy products, making them more sustainable and driving down the cost for batteries. We're doing this by developing and deploying new technologies to increase the scope and scale of recycled and sustainable materials in the global battery supply chain.Staff Program Manager, Information SecurityEssential Duties:We are seeking an experienced Senior Information Security Program Manager for Governance, Risk and Compliance, to lead the preparation and ongoing audit readiness of the Information Security program to ensure the organization's compliance with industry standards. In collaboration with the IT, Enterprise Risk and Compliance, and Quality Assurance teams, and as a representative of the Information Security program, you will drive the maturity of our Information Security Compliance Program, focusing on control ownership and risk management while providing pragmatic, risk-centric advisory services to stakeholders.This role offers the opportunity to shape the security posture of a rapidly growing organization while contributing to our mission of sustainable technology innovation.Responsibilities Will Include:Design and execute the strategic vision for our Information Security GRC programDevelop and maintain the Information Security Governance, Risk, and Compliance program, creating policies, procedures, and extending organizational capabilities while ensuring alignment with industry best practicesDrive cross-functional collaboration with IT, Enterprise Risk and Compliance, and other operational teams to implement secure, consistent patterns and expand observabilityIdentify and prioritize opportunities for improving organizational risk postureCreate and maintain comprehensive Information Security documentation, including a knowledge base, compliance reports, risk registers, and policy documentationServe as a subject matter expert in:Developing and managing the Compliance ProgramCoordinating Audit Evidence GatheringOverseeing User Access ReviewsDeveloping Policies and ProcessesManaging Change Management ProcessesConducting Risk Assessments and MitigationLeading Security Awareness and Training ProgramsOwn and maintain Third Party Risk Management evaluation practicesMaintain the Information Security policy portfolioManage operational capabilities including GRC tools and platformsOversee the security lifecycle of compliance initiatives and audit preparationsRepresent Information Security in partnerships with internal teams and third-party organizationsDevelop and maintain a reporting framework to keep stakeholders informed of risks, compliance status, and program progressEstablish and own the Information Security change management review processDesired Qualifications:7+ years of hands-on experience in Information Security Governance, Risk, and Compliance programs developing risk-centric solutions, leveraging industry standard controls frameworks and implementations.5+ years of direct ownership in at least 3 of the following:Compliance Program ManagementAudit Evidence GatheringUser Access ReviewsPolicy and Process DevelopmentChange ManagementRisk Assessment and MitigationSecurity Awareness and Training ProgramsProficiency with 4 or more industry-standard compliance programs (e.g., ISO 27001, CISv8.1, NIST 800-53/88/171, CMMC, TISAX, SOC 2, Sarbanes-Oxley)Extensive experience overseeing IT compliance initiatives in mixed on-premises and cloud-based environments (e.g., AWS, GCP, Azure, Entra, Active Directory etc), ensuring adherence to industry standards and regulatory requirementsAdvanced knowledge of Governance, Risk, and Compliance frameworks and best practices, demonstrable experience in:Developing and implementing IT security policies and proceduresConducting risk assessments and managing risk mitigation initiativesPreparing for and managing internal and external IT auditsLeading security awareness and training programsThird Party Risk Management EvaluationsStrong understanding of regulatory requirements and industry standardsFamiliarity with GRC tools and technologiesRelevant professional certifications such as PMP, CISSP, CIPM, CIPT, CISM, CISA, CRISC, CGEIT, GSEC, GSNA or GCCCExcellent communication and interpersonal skills, including:Ability to influence and collaborate with stakeholders at all levelsStrong presentation and report-writing skillsEffective leadership and mentoring abilitiesDemonstrated experience in managing complex programs and projects, including developing project plans, and leading cross-functional teams to deliver results on time and within scope.Excellent attitude, team collaboration, communication, and self-motivationA passion for sustainability and making the world a better place!Physical Requirements:Ability to perform essential job functions in compliance with ADA, FMLA, and other relevant federal, state, and local regulations, including meeting both qualitative and quantitative productivity standardsAbility to maintain regular and punctual attendance in line with ADA, FMLA, and applicable standardsAbility to wear personal protective equipment (PPE), including safety gloves, helmets, and eyewear, or additional PPE when requiredAbility to lift and carry up to 50 lbsAbility to communicate clearly and effectively on the telephone, including listening and speakingWorking Conditions:Office setting, manufacturing floor, outdoor job site, or remote workExposure to loud noise, extreme heat or cold, dust, fumes, or hazardous chemicalsRequired to work weekends, evenings, on-call shifts, or extended hours on a regular basisThe position is full-time. Compensation will be commensurate with experience.We collect personal information (PI) from you in connection with your application for employment with Redwood Materials, including the following categories of PI: identifiers, personal records, professional or employment information, and inferences drawn from your PI. We collect your PI for our purposes, including performing services and operations related to your potential employment. If you have additional privacy-related questions, please contact us at levelSeniority levelMid-Senior levelEmployment typeEmployment typeFull-timeJob functionJob functionProject Management and Information TechnologyIndustriesTechnology, Information and InternetReferrals increase your chances of interviewing at Redwood Materials by 2xSign in to set job alerts for “Staff Program Manager” roles.Senior Engineering Manager - Confluence DatabasesSan Francisco, CA $186,300.00-$269,075.00 2 weeks agoSenior Engineering Manager - Database Platform (REMOTE)San Francisco, CA $125,000.00-$300,000.00 9 hours agoSenior Machine Learning Engineering Manager -- Teamwork GraphSan Francisco, CA $209,700.00-$303,150.00 2 weeks agoSan Francisco, CA $192,000.00-$246,000.00 2 weeks agoSan Francisco, CA $183,600.00-$265,550.00 2 weeks agoSan Francisco, CA $130,000.00-$260,000.00 21 hours agoFoster City, CA $130,000.00-$260,000.00 2 days agoStaff Technical Program Manager, Search SignalsEngineering Program Manager, Machine LearningNational Program Director (Central Regions)Oakland, CA $87,690.00-$109,613.00 2 weeks agoWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr

Created: 2025-09-17