Technical Program Manager, Security

The Security, Risk & Assurance (SR&A) team proactively identifies, assesses, and mitigates security, risk, and compliance challenges across Security, Integrity, Investigations (SI2) personnel, tools, operations, and vendors. Our mission is to ensure the integrity, privacy, and resilience of systems and processes, ultimately increasing user safety and legal compliance. The broader SI2 organization is responsible for the compliance, operation, and counsel of Meta's high-severity harms and legal obligations.Meta is seeking to hire a Security Technical Program Manager. This is a critical, individual contributor role (IC) focused on providing dedicated technical program management support to define, execute, and scale security initiatives within the legal compliance technical ecosystem. This role will manage and de-conflict executive demands in an environment effective prioritization is critical. This role emphasizes the protection of user data, the implementation of technical controls, and the proactive management of Information Security Risk Management to prevent fraud and abuse.

Technical Program Manager, Security Responsibilities:

• Program Ownership: Define and own the security program strategy and framework (Identify, Prevent, Detect, Respond+Recover) with a specific focus on Meta's legal investigations, operations and compliance technical ecosystem
• Fraud & Abuse Prevention & Threat Intelligence: Lead and manage technical initiatives to prevent and mitigate fraud and abuse within Meta's Intake and Disclosure programs. This includes developing detections, implementing signal development strategies, and incorporating threat intelligence into defensive measures and projects like Requestor & Recipient Verification (RRV)
• Information Security Risk Management & Controls: Drive the Information Security Risk Management lifecycle. This involves collaborating with engineering and security SMEs to interpret and implement relevant regulations, identify, document, and test critical security controls, and deploy effective technical and security controls across SI2 surfaces
• Incident Management: Manage technical and fraudulent incidents and issues to resolution through the SEV process, coordinating with engineering, security, and legal teams
• Process Improvement: Drive process improvements to ensure security programs are efficient, scalable, and reliable, and maintain cross-functional alignment
• Security Assessments: Coordinate and track security assessments, vulnerability testing, and mitigation plans to close identified technical vulnerabilities
• Stakeholder Engagement: Engage cross-functional stakeholders (e.g., Legal, GRC, Engineering, Operations) on security, risk, and compliance requirements, and prepare and present program updates to leadership

• 7+ years of experience in program/project management within a technical or security domain
• Bachelor's degree in Computer Science, Engineering, Information Technology or equivalent technical experience
• Demonstrated knowledge and experience with security technologies, compliance frameworks, and risk management principles
• Experience managing technical incidents and issue resolution workflows
• Demonstrated experience communicating between technical and non-technical audiences using collaborative tools and cross-functional collaboration skills

• Relevant professional certifications such as Certified Information Systems Security Professional, Certified Information Security Manager, Certified in Risk and Information Systems Control, CompTIA Cybersecurity Analyst or Certified Fraud Examiner
• Experience in a role with similar titles such as Security Delivery Manager, Security Officer, or Threat Intelligence Program Manager
• Proven experience implementing technical solutions for fraud/abuse prevention, including working with detection engineering, security signals, or threat intelligence
• Advanced knowledge of security frameworks (e.g., National Institute of Standards and Technology, ISO 27001, Control Objectives for Information and Related Technologies) and experience in leading audit or risk assessment readiness efforts
• Experience working directly with engineering and legal teams to implement technical security controls