Staff Technical Program Manager - Security & Compliance Programs

ABOUT LVT LVT is redefining how businesses operate in the physical world, moving beyond traditional security solutions to deliver AI-driven, actionable intelligence that makes sites smarter, safer, and more secure. Since pioneering our first mobile, solar-powered units , our commitment to scrappy, hands-on innovation has made us an established leader and one of the fastest-growing companies in intelligent site technology. We are building the next generation of solutions—from our physical units in the field to a powerful Agentic AI platform—that allows our customers to gain unprecedented visibility and control over safety, compliance, and operations. This is your chance to join a cutting-edge team that isn't just watching the world change, but actively building the technology that is changing it. We’re a team that’s focused on growth and innovation, and we’re proud that our crew, products, and leadership are being recognized for it. A Top-Tier Growth Company: Named one of the Financial Times’ Fastest Growing Companies 2025 and #10 on the Inc. 5000 Rocky Mountain Regional list for 2025. Innovative Leadership: Our CEO, Ryan Porter, was named an EY Entrepreneur of the Year 2025 , and our CTO, Steve Lindsey, was inducted into the Silicon Slopes CTO Hall of Fame in 2024. Product & Software Excellence: We were named one of The Software Report’s Top 100 Software Companies of 2023 and are a winner of the Security Today Govies Award for 2025. ABOUT THIS ROLE   LVT is pursuing government and enterprise markets that demand rigorous security and compliance posture—including FedRAMP authorization, NIST 800-53 alignment, and continuous monitoring at scale. This role is the execution engine for those programs. As Staff TPM — Security & Compliance Programs, you will own the end-to-end program execution for LVT’s most critical security and regulatory initiatives. You will sit at the intersection of Engineering, Security, Cloud Infrastructure, Product, and external compliance stakeholders—translating complex regulatory requirements into engineering-ready roadmaps, driving control implementations, and ensuring LVT’s platform is audit-ready, operationally durable, and positioned to serve regulated customers. This is a builder and executor role in equal measure. You will bring clarity to ambiguity, drive cross-functional alignment without authority, and ensure LVT can move fast in regulated environments without cutting corners. You will report to the Director of Technical Program Management and work in close partnership with the Product and Engineering leaders, Head of Security Engineering, and Cloud Infrastructure leadership. ROLE RESPONSIBILITIES Security & Compliance Program Ownership Own end-to-end program execution for LVT’s FedRAMP authorization effort and related regulatory initiatives (NIST 800-53, SOC 2, CJIS, or equivalent), from readiness assessment through Authorization to Operate (ATO). Translate regulatory control frameworks (e.g., NIST 800-53 control families) into actionable engineering backlogs, implementation roadmaps, milestone schedules, and measurable exit criteria. Maintain integrated program plans, risk registers, RAID logs, and dependency maps that reflect real-time program health across multiple workstreams. Coordinate and improve the end-to-end evidence lifecycle—collection, validation, freshness, and repeatability—partnering with engineering to scale compliance automation and reduce manual burden over time. Drive cross-team delivery of control implementations, remediation plans, and release sequencing across Cloud Engineering, Security Engineering, DevOps, and Product teams. Cross-Functional Execution & Stakeholder Management Serve as the primary execution liaison between Engineering teams and compliance stakeholders (internal audit, external 3PAO assessors, and government agency reviewers), ensuring work is audit-ready and documentation is operationally durable. Proactively identify and surface technical dependencies, program risks, and cross-team blockers; drive mitigation strategies before they impact delivery timelines or compliance windows. Coordinate integration between security/compliance work and LVT’s broader product and infrastructure roadmaps—ensuring compliance is embedded in delivery rather than bolted on. Partner with external vendors, 3PAO assessors (e.g., Schellman or equivalent), cloud boundary/ATO providers, and government stakeholders to manage assessment readiness and evidence submission cycles. Operational Rigor & Reporting Design and maintain lightweight but effective reporting cadences that give executive stakeholders real-time visibility into program health, compliance milestone status, and risk posture—without creating theater. Build and maintain program dashboards, status reporting artifacts, and board-level summaries that communicate compliance trajectory, open risks, and remediation velocity in plain language. Establish repeatable processes and tooling for evidence collection, continuous monitoring readiness, and audit cycle preparation that reduce per-cycle effort as the program matures. Champion a data-driven culture within the security and infrastructure programs—using metrics on control implementation velocity, open findings aging, and remediation SLA adherence to drive accountability. Technical Program Management Craft Engage credibly with engineering leads on architecture decisions related to cloud infrastructure, identity and access management, vulnerability management, CI/CD controls, observability, and incident response—understanding enough to ask the right questions and sequence the right work. Apply modern delivery practices (Agile, iterative milestone planning) to compliance program execution; adapt cadences as the program shifts from readiness to authorization to continuous monitoring. Identify and close gaps between LVT’s residual application-layer controls, IoT/edge telemetry