Senior Technical Program Manager
Posted on 3/28/2023

1,001-5,000 employees

Live and on-demand boutique studio classes
Company Overview
Peloton uses technology and design to connect the world through fitness, empowering people to be the best version of themselves anywhere, anytime. The company offers a suite of fitness products and services.
New York, NY, USA
Experience Level
Desired Skills
  • 6+ years of relevant experience
  • Working knowledge of:
  • Access management tools, processes, and procedures
  • User access administration, role and policy-based access controls, including identity management, provisioning and deprovisioning access
  • Privileged access management (PAM) tools
  • Identity and Access Management (IAM) tools
  • Access reviews for appropriateness and authorization
  • Interpretation of numeric data and statistical principles
  • Excellent communication skills (verbal and written), ability to influence without authority
  • Works well under pressure, within time and budget constraints, to solve problems, adjust quickly to shifting priorities, and make decisions with limited information
  • Ability to balance risks in ambiguous and complex situations
  • Demonstrated teamwork and collaboration skills, in particular contributing to global and cross-functional teams
  • Ability to communicate technical concepts to a broad range of technical and non-technical staff
  • Be able to deliver both detailed technical reports to enable access remediation and business friendly reports to demonstrate progress and track risk
  • Highly organized, motivated, and detail-oriented with the ability to work independently in a fast-paced environment
  • Excellent problem-solving skills and ability to manage competing priorities and deadlines
  • One or more of the following certifications is preferred: CISA, CISM, CISSP
  • Design and implement access management and assurance programs (people, process, and technology) to mitigate security threats and risks related to access through a holistic global program-oriented approach
  • Develop and maintain identity access requirements and controls as necessitated by business needs, security compliance requirements and security industry best practices
  • Reduce the number of privileged accounts to better align with principle of least privilege and role based access controls
  • Design and implement the identity review process, ensuring that identities and access is reviewed regularly both for appropriateness of access as well as privilege levels for all users
  • Develop and maintain policies and procedures that support identity management (e.g., access assurance, access monitoring and reporting, authentication requirements, authorization requirements)
  • Work closely with partner teams to implement and enforce mechanism to proactively monitor, respond and report on inappropriate data access events
  • Standardize how we harden and secure access via interactive (human) and non-interactive (service) accounts
  • Maintains updated knowledge in the field of risk management and compliance to efficiently work on frameworks including NIST CSF, CIS Controls, PCI-DSS, SOX 404, etc