Cyber Technical Program Manager

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.

Cyber Technical Program Manager

Lilly Cyber is seeking a Cyber Technical Program Manager. This role is designed for someone who has lived inside the cybersecurity field: who understands attacker TTPs, can hold a credible conversation with cyber professionals, and brings genuine technical depth across security domains. The right person will operate at the intersection of program delivery and hands-on technical context, driving execution of programs that directly address the threat landscape, including emerging risks from adversarial use of AI (such as Mythos-class threats), identity exploitation, and enterprise-scale attack surface management.

What You Will Do:

You will own programs end-to-end, challenge assumptions, surface risks, and hold technical teams accountable to outcomes. You will embed in the work alongside security engineers, architects, and Cyber leaders to bring structure to complex delivery, and translate program health into executive-ready intelligence for Cyber leadership.

The programs led by this role exist because the threat environment demands them. candidate must understand the adversarial context driving each program, including:

AI supply chain and model integrity threats: risks introduced through third-party model integrations, prompt injection, and data poisoning in enterprise AI deployments

Identity and privilege exploitation: continued evolution of credential theft, lateral movement, and abuse of legitimate access pathways

Enterprise attack surface expansion: the compounding risk surface introduced by cloud-native architectures, third-party dependencies, and hybrid identity environments

Understanding this landscape is important to this role. It shapes how programs are chartered, how risks are assessed, and how success is measured.

How You Will Succeed:

Program Governance & Cyber-Informed Planning

Develop and own program charters grounded in the cyber context driving each initiative as well as business requirements. Charters must connect program objectives to the specific risks being mitigated.

Drive gate-validated execution through the program lifecycle, ensuring planning rigor, resource readiness, dependency resolution, and architecture review before execution begins.

Maintain RASCI clarity across Sponsor, Service Owner, BISO, an