Cyber Technical Program Manager

Eli Lilly and Company

Cyber Technical Program Manager at Lilly managing cybersecurity programs and ensuring execution against complex threat landscapes. Collaborating across security teams to drive program delivery and governance.

Posted 6/7/2026full-timeIndianapolis • 🇺🇸 United StatesMid-LevelSenior💰 $124,500 - $182,600 per yearWebsite

Tech Stack

Tools & technologies

AWSAzureCloudCyber SecurityGoogle Cloud PlatformPMP

About the role

Key responsibilities & impact

You will own programs end-to-end, challenge assumptions, surface risks, and hold technical teams accountable to outcomes.
You will embed in the work alongside security engineers, architects, and Cyber leaders to bring structure to complex delivery, and translate program health into executive-ready intelligence for Cyber leadership.
Develop and own program charters grounded in the cyber context driving each initiative as well as business requirements. Charters must connect program objectives to the specific risks being mitigated.
Drive gate-validated execution through the program lifecycle, ensuring planning rigor, resource readiness, dependency resolution, and architecture review before execution begins.
Maintain RASCI clarity across Sponsor, Service Owner, BISO, and delivery team roles, ensuring BISOs are engaged from day one.
Lead critical path identification and gain alignment on the milestones that matter, reducing noise in reporting and keeping delivery teams focused on the outcomes that move the security posture.
Identify and surface risks through a technical lens along with schedule and budget, but threat-informed risks that could undermine program effectiveness.
Contribute to continuous improvement of Cyber’s program governance processes, templates, and stage gate documentation.
Own assigned programs through the full lifecycle: intake, charter, detailed planning, execution, and closeout with rigor and accountability at each stage.
Maintain execution momentum on concurrent programs, leading cross-functional dependencies, resolving blockers, and coordinating with security architects, engineers, and platform teams.
Ensure program plans include milestone roadmap, dependency map, architecture review confirmation, and resource assignments. No plan is approved without these elements.
Coordinate release readiness, change management, and go/no-go decisions with communications partners and business stakeholders to minimize disruption.
Engage directly with threat intelligence, red team, and detection engineering teams to ensure program scope and success criteria reflect current adversarial realities.
Proactively identify and escalate key issues, blockers, and constraints to appropriate management and stakeholders, ensuring timely resolution and minimal program impact.
Communicate complex cybersecurity concepts clearly and concisely across diverse audiences—from executives and business partners to technical teams—tailoring messaging to stakeholder needs.

Requirements

What you’ll need

Bachelor Degree in a STEM field
At least 5+ years of experience in program or project management, with the majority of that time spent inside a cybersecurity organization.
Direct hands-on experience with cybersecurity program delivery: security tool deployments, identity and access management programs, cloud security initiatives, or threat detection and response programs
Experience with program tooling including Jira, Azure DevOps, and Power BI; ability to build and maintain dashboards that support portfolio visibility.
Understanding of cybersecurity domains: IAM, endpoint security, cloud security (AWS, Azure, or GCP), application security, network security, and security operations.
Familiarity with current threat actor tradecraft, including the adversarial application of AI tools, large language model exploitation techniques, and AI-augmented attack patterns.
Working knowledge of MITRE ATT&CK, NIST CSF, Zero Trust frameworks, and security architecture patterns.
Awareness of life sciences regulatory requirements including FDA cybersecurity guidance, GxP, SOX, HIPAA, GDPR, and PCI as they apply to cyber program delivery.
Strong stakeholder management across technical practitioners, security leadership, and business executives.
Cybersecurity certification strongly preferred: CISSP, CISM, CCSP, or equivalent demonstrating sustained investment in the security discipline.
PMP, Agile (SAFe, CSM), or ITIL certification a plus.
Demonstrated track record running complex, cross-functional programs in fast-paced enterprise environments with opposing priorities.

Benefits

Comp & perks

eligibility to participate in a company-sponsored 401(k)
pension
vacation benefits
eligibility for medical, dental, vision and prescription drug benefits
flexible benefits (e.g., healthcare and/or dependent day care flexible spending accounts)
life insurance and death benefits
certain time off and leave of absence benefits
well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities)

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

program managementproject managementcybersecurity program deliverysecurity tool deploymentsidentity and access managementcloud securitythreat detection and responserisk managementstakeholder engagementcross-functional program execution

Soft Skills

communicationleadershipproblem-solvingstakeholder managementcritical thinkingadaptabilitycollaborationstrategic planningdecision-makingcontinuous improvement

Certifications

CISSPCISMCCSPPMPAgile (SAFe, CSM)ITIL