Principal Technical Program Manager

Summary

Join PingCAP, a global leader in the database market, as a Principal Technical Program Manager to lead the security strategy for the next generation of TiDB Cloud. You will collaborate with various teams to ensure the platform's security meets the highest standards. Responsibilities include developing security roadmaps, implementing best practices, and overseeing compliance. This high-impact role offers the opportunity to shape the security foundations of a cutting-edge distributed database cloud service. The ideal candidate possesses extensive experience in technical program management, cloud security, and distributed systems security, along with a strong understanding of security standards and compliance frameworks. PingCAP is committed to fostering an inclusive and equitable workplace.

Requirements

• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field
• 8+ years of experience in technical program management, with at least 3+ years focusing on cloud security or distributed systems security
• Proven track record of driving large-scale security initiatives across complex, multi-tenant environments
• In-depth understanding of security standards and compliance frameworks (e.g., SOC 2, ISO 27001, GDPR, HIPAA)
• Hands-on expertise with cloud architectures (AWS, GCP, or Azure), containerized environments, and modern deployment pipelines such as SecOps processes
• Strong communication skills and the ability to effectively influence and collaborate with technical and non-technical stakeholders
• Demonstrated ability to navigate ambiguity, prioritize competing demands, and deliver high-quality results in a fast-paced environment

Responsibilities

• Develop and maintain a comprehensive security roadmap for TiDB Cloud, ensuring alignment with business objectives and regulatory requirements
• Lead cross-functional initiatives to integrate security requirements into product design, development, and deployment phases
• Collaborate closely with engineering teams to design and implement secure architectures, covering areas such as data protection, access control, identity management, and network security
• Oversee security programs, processes, and metrics to monitor, measure, and continuously improve security posture
• Manage third-party risk assessments, vendor evaluations, and security audits to ensure compliance with relevant frameworks (e.g., SOC 2, ISO 27001)
• Partner with product teams to align feature releases and cloud infrastructure upgrades with security protocols and governance standards
• Establish incident response strategies and processes, collaborating with dedicated incident response teams to promptly remediate vulnerabilities or breaches
• Advocate for a security-first culture, providing training and guidance to internal stakeholders and external key customers on best practices and emerging threats

Preferred Qualifications

Relevant security certifications (CISSP, CISM, etc.) are a plus