Senior Technical Program Manager, Information Security / DR / BCP (Remote - USA)

About Lantern

Lantern is the specialty care platform connecting people with the best care when they need it most. By curating a Network of Excellence comprised of the nation's top specialists for surgery, cancer care, infusions and more, Lantern delivers excellent care with significant cost savings to employers and their workforces. Lantern also pairs members with a dedicated care team, including Care Advocates and nurses, for the entirety of their care journey, helping them get back to good health, back to their families and back to work. With convenient access to specialists nationwide, Lantern means quality care is within driving distance for most. Lantern is trusted by the nation's largest employers to deliver care to more than 6 million members across the country. Learn more about us at lanterncare.com.

About You:

• You use LOGIC in your decision making and understand that progress is critical to making change. You focus on the execution of your content while balancing a fast-paced environment and you take the time to celebrate both the small big wins.
• INCLUSION is a core tenant of your personal beliefs. A diverse and inclusive environment is incredibly important to you. You understand and desire to be a part of a diverse team with different experiences and perspectives you cherish the differences in each individual that you interact with.
• You have the GRIT, drive and ambition to tackle big problems. Big problems require big ideas and a team that supports new ideas.
• You care deeply for your customers are driven to keep HUMANITY in all decisions. Your customers aren’t just the individuals using your product. They are the driving factor in your motivation to make a change.
• Integrity guides you in life. Focusing on the TRUTH vs. giving people the answers they want to hear.
• You thrive in a Team Environment. Collaboration is key in innovation and creating change.

These pillars of LIGHT are a reminder to our team that we are making a difference by providing guidance and support in navigating the often complex and confusing landscape of healthcare. We hope that through this LIGHT, individuals can find their way to the best care, resources, and support they need to get back to life.

If this sounds like you, we would love to connect to speak further about career opportunities at Lantern.

Please apply to our role someone from our Talent Acquisition Team will reach out to help you navigate our interview process.

Lantern is seeking a Senior Technical Program Manager (TPM) with in-depth expertise in Information Security, governance, and program management to drive the execution of critical Information Security and Infrastructure initiatives. This role is responsible for driving and coordinating security initiatives, ensuring projects are delivered on time, within scope, and in alignment with compliance/business/enterprise goals.

The ideal candidate has a strong PMO background, proven ability to manage complex security portfolios, and hands-on knowledge of governance, risk, and compliance frameworks. You will partner closely with IT, Legal, Product, Security, and Infrastructure teams to establish governance structures, manage capacity planning, and deliver projects that strengthen the organization’s technical and operational readiness.

Location: Remote, USA

Responsibilities and Duties:

Portfolio Program Management (PMO)

• Implement and scale a unified portfolio management framework to prioritize and deliver InfoSec and Infrastructure initiatives aligned with enterprise goals.
• Manage intake and prioritization processes, ensuring smooth execution and onboarding of new hires into meaningful project work.
• Deliver 90%+ on-time, in-scope project execution across security and infrastructure portfolios. Manage timelines and deliverables for frameworks such as SOC, HIPAA, and GDPR.
• Conduct quarterly portfolio reviews, connecting project outcomes, hiring efficiency, and resource utilization to business objectives.

Capacity Planning Resource Management

• Drive workforce and hiring alignment with portfolio needs.
• Optimize resource allocation and track utilization to maximize program efficiency.

Governance Security Oversight

• Establish and track KPI (e.g., time to restore service, vulnerability remediation SLAs, phishing resilience, audit readiness, etc.) and KRI (e.g., risk exposure, compliance gaps) to measure operational readiness.
• Lead and manage assessments across:
• Physical Security
• Microsoft Security (Active Directory, Entra, M365)
• Cybersecurity (NIST CSF 2.0)
• HITRUST remediation initiatives
• Oversee adoption of tools and frameworks for incident, risk, and policy management (e.g. OneTrust).

Security Technical Execution

• Oversee delivery of security initiatives, including:
• MDR tool implementation (Expel)
• Penetration Testing programs
• Data Loss Prevention tools
• Identity Access Management rollouts
• SOP updates and PagerDuty integration
• Disaster Recovery (DR) and Business Continuity Planning (BCP) Expertise
• Ability to develop and maintain DR/BCP policies, procedures, and runbooks
• Familiar with NIST
• Experience conducting BIA and Risk Assessment to identify critical processes and dependencies
• Knowledge of recovery time objectives (RTO), recovery point objectives (RPO), and tiered recovery strategies for different systems
• Leading Tabletop exercises, simulation testing, and complete failover tests for DR and continuity validation
• Assessing 3rd party vendor and partner DR/BCP capabilities as part of risk management
• Risk Management: Work with security engineers to identify, evaluate, and mitigate risks, balancing business needs with security requirements. Lead compliance and risk initiatives, including:
• OneTrust deployment for Incident Management, IT Security Risk Management, 3rd-Party Risk, and Policy Management
• Questionnaire response automation and SOC audit support

Qualifications:

• 5+ years of program/project management experience within Information Security, IT, or Infrastructure domains.
• Proven experience in security governance, compliance, and risk management frameworks (e.g., NIST CSF, HITRUST, SOC).
• Strong knowledge of security tool implementation (MDR, IAM, DLP, OneTrust).
• Jira knowledge.
• Experience leading portfolio-level program management, including intake, prioritization, and capacity planning.
• Track record of delivering large-scale projects with high on-time and in-scope success rates.
• Excellent communication, stakeholder management, and executive reporting skills.
• Must demonstrate flexibility and excellent organizational skills with the ability to complete various tasks accurately with high attention to detail and creativity.
• Develop, manage, and maintain customer relationships at all organizational levels.
• Excellent soft skills to handle stress and resolve conflicts.
• Ability to maintain confidentiality.
• Be Proactive, Self-Driven, Fast-Learner, and Accountable.

Preferred Skills:

• Familiarity with cloud security.
• Strong analytical ability to connect project outcomes to business performance metrics.
• PMP, CISSP, CISM, CISA, or related certifications (preferred but not required).

Benefits