Principal Technical Program Manager - Cloud Security

Remote in San Francisco Bay Area, Seattle, or West coast timezone
Product – Product Group /
Full-time /
Remote
Join us as we scale our business in NA/EMEA by building on our tremendous success around the world. The massive database market is going to double over the next few years (the IDC estimates it to be $119B+ by 2025) and PingCAP is a global player positioned as a major disruptor with TiDB Database and Database as a Service offering. TiDB is an open-source, cloud-native, distributed SQL database for elastic scale and real-time analytics. Large and high-growth organizations in markets as varied as financial services, logistics, gaming, e-commerce and software as a service have successfully deployed and expanded their TiDB footprint on mission-critical applications. Our strong open-source community roots (32,000 stars on GitHub), innovative products and inclusive culture draw passionate and dedicated people to our company. Learn more about PingCAP careers and join our team to be at the forefront of innovation and growth.

About the Role:
We are seeking an experienced Principal Technical Program Manager (TPM) to lead and drive the security strategy for the next generation of TiDB Cloud. In this role, you will collaborate with engineering, product management, and other cross-functional teams to ensure our platform’s security posture meets the highest standards. You will be responsible for defining security roadmaps, implementing best practices, and overseeing compliance requirements across various global regions. This is a high-impact role with broad scope and influence, offering the opportunity to shape the security foundations of a cutting-edge distributed database cloud service.

Responsibilities:
Develop and maintain a comprehensive security roadmap for TiDB Cloud, ensuring alignment with business objectives and regulatory requirements.
Lead cross-functional initiatives to integrate security requirements into product design, development, and deployment phases.
Collaborate closely with engineering teams to design and implement secure architectures, covering areas such as data protection, access control, identity management, and network security.
Oversee security programs, processes, and metrics to monitor, measure, and continuously improve security posture.
Manage third-party risk assessments, vendor evaluations, and security audits to ensure compliance with relevant frameworks (e.g., SOC 2, ISO 27001).
Partner with product teams to align feature releases and cloud infrastructure upgrades with security protocols and governance standards.
Establish incident response strategies and processes, collaborating with dedicated incident response teams to promptly remediate vulnerabilities or breaches.
Advocate for a security-first culture, providing training and guidance to internal stakeholders and external key customers on best practices and emerging threats.

Qualifications:
Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
8+ years of experience in technical program management, with at least 3+ years focusing on cloud security or distributed systems security.
Proven track record of driving large-scale security initiatives across complex, multi-tenant environments.
In-depth understanding of security standards and compliance frameworks (e.g., SOC 2, ISO 27001, GDPR, HIPAA).
Hands-on expertise with cloud architectures (AWS, GCP, or Azure), containerized environments, and modern deployment pipelines such as SecOps processes.
Strong communication skills and the ability to effectively influence and collaborate with technical and non-technical stakeholders.
Relevant security certifications (CISSP, CISM, etc.) are a plus.
Demonstrated ability to navigate ambiguity, prioritize competing demands, and deliver high-quality results in a fast-paced environment.
$158,000 - $215,000 a year
Salary Range:
The annual anticipated salary range for U.S. candidates for this role is USD $158k to $215k base. Four zones are applied with different levels of the pay range. More details of the Geo Differential Pay Policy will be discussed during the HR conversation. The actual individual base pay will depend on various factors such as the complexity and responsibility of the role, work locations, job levels, and relevant experience and skills. This role is also eligible to participate in PingCAP's Bonus and Equity Plan, as well as our Sales Compensation Plan, if it is a sales role. To comply with local legislation and provide greater transparency to candidates, we share base salary ranges on all US job postings regardless of desired hiring location. Please note that actual salaries may vary and fall outside of this range depending on factors such as a candidate's qualifications, geographic location, skills, experience, and competencies. Other benefits include health insurance, flexible vacation time, paid holidays, and parental leave. Salaries for candidates outside the U.S. will vary based on local compensation structures.
We encourage people from underrepresented groups to apply. Come advance with us! In keeping with our values, no employee or applicant will face discrimination/harassment based on: race, color, ancestry, national origin, religion, age, gender, marital domestic partner status, sexual orientation, gender identity, disability status, or veteran status. PingCAP also strives to prevent other, subtler forms of inappropriate behavior (e.g., stereotyping) from ever gaining a foothold in our organization. Whether blatant or hidden, barriers to success have no place at PingCAP.