Technical Program Manager, Security

We’re an industry-leading health technology company on a mission to help people get better. We started in 2011 with one simple idea. Make it easier for practitioners to access the products they trust so they can deliver better care.

That simple idea grew into a platform that powers every part of care. Today, more than 125,000 practitioners use Fullscript for clinical insights, lab interpretations, patient analytics, education, and access to high-quality supplements. Over 10 million patients rely on Fullscript to stay connected to their care plans and follow through on treatment.

We build tools that make care smarter and more human. Tools that save time, simplify decisions, and help practitioners stay closely connected to the people they care for. When everything they need is in one place, they can focus on what matters most: helping people get better.

Bring your ideas, your grit, and your care for people.

Join us and shape the future of care.

We’re seeking a Technical Program Manager to lead our most critical security programs, operating at the intersection of security engineering, compliance, and cross-functional delivery. This is a high-impact individual contributor role responsible for defining and running the operating model for how security programs are planned, executed, and scaled at Fullscript.

This role partners closely with Security Engineering, Infrastructure, Product Engineering, Compliance, and Legal. You’ll bring clarity to complex security work, align teams around shared outcomes, and ensure we deliver on our security commitments in a way that scales with the business.

∙Own the end-to-end security program roadmap, balancing short-term risk reduction with long-term security maturity.

∙Translate security strategy, risk posture, and compliance requirements into clear, prioritized, and executable programs.

∙Establish durable planning rhythms, milestones, and success metrics for security initiatives.

∙Own the Vulnerability Management program, including prioritization frameworks, remediation tracking, and executive-level reporting.

∙Coordinate internal and external Penetration Tests, from scoping and scheduling through remediation and closure.

∙Partner with engineering and infrastructure teams to ensure security findings are addressed efficiently and sustainably.

∙Serve as the primary program-level owner for SOC 2 execution and readiness, coordinating timelines, evidence collection, and cross-team accountability.

∙Partner with Compliance and Security to reduce audit friction through better processes, documentation, and tooling.

∙Identify systemic audit gaps and lead programs to close them long-term, not just for the next audit cycle.

∙Design and evolve the operating model for security programs, ensuring work scales as Fullscript grows.

∙Identify recurring pain points and implement structural improvements to reduce manual coordination and rework.

∙Ensure security programs are predictable, measurable, and transparent.

∙Communicate program status, risks, and tradeoffs clearly to senior leaders and stakeholders.

∙Create and maintain high-quality program documentation, including plans, timelines, and decision records.

∙Build trust through proactive communication, follow-through, and shared accountability.