Senior Program Manager - Information Security (InfoSec)

Job Summary

About The Team

The Rubrik Information Technology team influences business processes, employee experience, and technologies to scale our organization to $1B+. This team creates operational efficiency across the company by centralizing the management of Infrastructure, Technology, and Data. The IT team ensures all stages of the software development lifecycle in a secured environment and scrutinizes the deployment of proper processes and governance. They champion Rubrik on Rubrik and are the first customers of the Engineering teams at Rubrik.

Rubrik IT is constructed of 100% SaaS and 0% on-premises. The IT team caters to accelerated business value enhancement and multiple day-to-day business processes through our varied SaaS applications like Salesforce.com, Oracle Netsuite, Workday, Snowflake, Etrade, MulSoft, etc. This team also delivers high-paced business outcomes with 100% system uptime backed by agile, nimble, simple, but cohesive Cloud architectures.

About the Role:

single point of contact between the IT and InfoSec departments

What You’ll Do:

• Program and Project Management:

  Oversee and manage all IT-led InfoSec programs and projects, ensuring they are delivered on time, within scope, and on budget. This includes developing detailed project plans, tracking progress, and managing changes to project scope, schedule, and costs.

• InfoSec Program Portfolio Management:

  Take ownership of the IT execution for a diverse portfolio of security initiatives, acting as the bridge from InfoSec's strategy to IT's implementation. Key program areas include:

• Identity & Access Management (IDAM):

  Drive projects related to single sign-on (SSO), multi-factor authentication (MFA), and privileged access management (PAM) across IT systems.

• Vulnerability Management:

  Manage IT's remediation efforts for identified vulnerabilities, coordinating patching and configuration changes across infrastructure and application teams.

• Security Tooling Implementation:

  Lead the deployment and integration of security technologies owned or managed by IT, such as endpoint detection and response (EDR), data loss prevention (DLP), and security information and event management (SIEM) agents.

• IT Controls & Compliance:

  Manage projects to implement and audit IT controls required for compliance frameworks like SOX, ISO 27001, and SOC 2.

• Security Awareness:

  Partner with InfoSec to execute the technical and logistical aspects of security awareness campaigns and phishing simulations within IT-managed platforms.

• Stakeholder Collaboration & Liaison:

  Serve as the primary communication bridge between IT and InfoSec. Translate InfoSec requirements into actionable IT projects and communicate IT constraints and progress back to InfoSec. Foster a close and collaborative partnership to ensure strategic alignment.

• Reporting and Metrics:

  Develop and maintain metrics and dashboards to report on the status, health, and performance of all IT-led InfoSec programs. Regularly communicate these metrics to leadership in both departments.

• Process Optimization & Best Practices:

  Champion best practices in security program management. Identify opportunities for efficiency gains and continuous improvement in how IT and InfoSec work together.

• Vendor Management:

  Oversee relationships with third-party security solution vendors, ensuring adherence to contracts, service levels, and project deliverables for IT-managed tools.

Experience You’ll Need:

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related technical field.
• Minimum of 10 years of progressive experience in IT program or project management, with at least 5 years focused on managing complex IT security or InfoSec-related initiatives.
• Demonstrated hands-on experience leading large-scale, cross-functional security projects (e.g., enterprise-wide IAM rollouts, vulnerability remediation campaigns, or security tool deployments).
• Strong understanding of core information security domains and principles (e.g., identity management, network security, endpoint security, vulnerability management).
• Familiarity with common security frameworks (e.g., NIST, CIS, ISO 27001) and compliance requirements (e.g., SOX, SOC 2).
• Exceptional collaboration and communication skills, with a proven ability to act as a liaison and translate requirements between technical teams.
• Excellent organizational, analytical, and problem-solving abilities, particularly in complex technical environments.
• Proficiency with project and program management tools such as JIRA.
• Proficiency with collaboration and productivity suites, particularly Google Workspace (Google Docs, Sheets, Slides, Drive).
• Based in or willing to relocate to Bangalore, India.
• Minimum of 3 full days’ work from the Bangalore office.

Nice To Have:

• Relevant security certifications such as

  CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CompTIA Security+

  .
• Project/program management certifications like PMP, PgMP, or PRINCE2.
• Master's degree in a technical field or Business Administration.
• Experience in a high-growth technology company or SaaS environment.
• Hands-on experience with specific security technologies (e.g., Okta, SailPoint, Zscaler).

We are looking for a visionary leader who can translate business strategy into tangible IT application solutions, driving efficiency, innovation, and measurable business value. If you are passionate about building robust application ecosystems and leading transformative programs, we encourage you to apply.