Sr. Security Program Manager, GRC

Security (SC)

  • Remote, United States
  • Full time

Work Styles at Zoom

In most cases, you will have the opportunity to choose your preferred working location from the following options when you join Zoom: in-person, hybrid or remote. Visit this page for more information about Zoom's Workstyles.

About Us

Zoomies help people stay connected so they can get more done together. We set out to build the best video product for the enterprise, and today help people communicate better with products like Zoom Contact Center, Zoom Phone, Zoom Events, Zoom Apps, Zoom Rooms, and Zoom Webinar.

We’re problem-solvers, working at a fast pace to design solutions with our customers and users in mind. Here, you’ll work across teams to deliver impactful projects that are changing the way people communicate and enjoy opportunities to advance your career in a diverse, inclusive environment.

As a Senior Security Program Manager working on Governance, Risk, and Compliance programs, you’ll play an important role, partnering with teams across Zoom to dig into some of our most challenging security related business problems and leading the efforts to resolve them. We ensure Zoom has a robust security control infrastructure that continuously protects our customers and our business. To meet these goals, we must understand and track which controls operate at all levels of the infrastructure, monitor their operation, and lead efforts to find and eliminate gaps. At Zoom, Security, Privacy, and Compliance form the foundation on which we build our products, and the ideal candidate is passionate about ensuring that foundation stays strong by continuing to mature and drive improvements to the Governance, Risk, and Compliance (GRC) space.


In this role you will:

  • Partner with the Head of Cyber Risk Management and the Head of Security Standards, Compliance, and Customer Assurance to develop and drive measurable progress of shared objectives and key results (OKRs) across the GRC team that align to business and security priorities. 

  • Drive the Cyber Risk Management, Security Standards and Compliance, and Customer Security Assurance functional teams to develop holistic short and long-term roadmaps to achieve the OKRs.

  • Drive deployment and operationalization of GRC tooling that delivers critical workflows around cyber risk management, third party risk management, controls management, issue management, business resilience, and policy and procedure management.

  • Build trust with our customers and stakeholders by managing initiatives and access related to critical security information and updates.

  • Assist Security Standards in managing and attaining key security certifications through the pre-assessment, remediation, and assessment phases.

  • Collaborate with our Product function to help streamline how our security standards and guidelines are integrated as an authoritative source for product managers and engineers throughout the product development lifecycle.

  • Develop effective KPIs across the GRC team to regularly and predictably manage progress relating to risk management, control remediation, standard and procedure creation and governance, and security customer assurance.

  • Effectively communicate program results to a broad audience, including engineers and senior leadership.


We are looking for people who have:

  • Bachelor’s degree in Information Systems, Computer Science, related discipline, or equivalent experience. 

  • 5-7 years of experience in technical leadership or program management in a technical field

  • Experience managing cross-functional programs relating to Governance, Risk, and Compliance at an enterprise level.

  • Familiarity with NIST 800 level frameworks, ISO, HIPAA, HITRUST, PCI, AWS, PMP, IRAP, ISMAP, C5, ENS, Common Criteria, and other international information security focused certifications and frameworks.

  • Ability to influence leaders within and outside of the security organization to prioritize, commit, and deliver key dependencies.

  • Experience in Information Security Program Management, including gathering and transforming requirements into actionable work items.

  • Eagerness to learn and optimize how we work across Security, creating processes and other software tools as needed.

  • Experience delivering detailed technical documentation as needed in partnership with engineering and operations counterparts.

  • Understanding of global security and privacy regulations.

We believe that the unique contributions of all Zoomies are the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. Zoom is proud to be an equal opportunity workplace and is an affirmative action employer. All your information will be kept confidential according to EEO guidelines.

We welcome people of different backgrounds, experiences, abilities and perspectives including qualified applicants with arrest and conviction records and any qualified applicants requiring reasonable accommodations in accordance with the law. If you need any assistance or accommodations due to a medical condition, or if you need assistance accessing our website or completing the application process, please let us know by emailing us at

Zoom requires all U.S. employees who will work in person at a Zoom office, attend in-person Zoom meetings or have in-person customer meetings to be fully vaccinated.  Zoom will consider requests for reasonable accommodations for religious or medical reasons as required under applicable law.

At Zoom, we care about our employees, their families, and their well-being. As part of our award-winning workplace culture and commitment to delivering happiness, our benefits program offers a variety of perks, benefits, and options to help employees maintain their physical, mental, emotional, and financial health; support work-life balance; and contribute to their community in meaningful ways. To view our benefits, click here.


Fraudulent Employment Offers

Zoom is aware of scams that involve fake Zoom job listings posted on third-party sites. Responding applicants are contacted primarily over email, InMail and/or chat applications by people impersonating Zoom employees. Eventually a fake offer letter is sent in exchange for personal identification information as part of a fake new-hire screening process.

Please be advised that these offers, communications and impersonations are illegitimate and fraudulent. All communication with Zoom employees comes from an “” email address. Zoom job applicants complete an interview process including in-person (on Zoom) meetings and phone calls. Our process also requires you to create an account with our applicant tracking system, Workday. If you have already completed an application, you can access it here.

Zoom will never ask for your personally identifying information during the interview process or ask you to pay money or purchase equipment. If you have received a message from Zoom that appears suspicious, please contact 
