Director-level Technical Program Manager
Platform Security | Infrastructure | Compliance
San Francisco Bay Area | edwhite@gmail.com | LinkedIn
I'm a TPM who sits at the intersection of security engineering, cloud infrastructure, compliance, and large-scale program execution.
Currently at Salesforce, where I lead platform security programs spanning 100+ engineering teams across AWS and GCP. That work has included encryption modernization, PKI, TLS hardening, HSM key lifecycle, regulatory execution, and the slow practical work of keeping large groups aligned when the stakes are real.
I'm not a software engineer. I do speak the language fluently enough to challenge architectural decisions, write a useful runbook, ask the awkward risk question, and keep engineering, security, compliance, and leadership pointed at the same outcome.
The rest of the time: glass artist, chef, wine person, cat herder.
A human being should be able to change a diaper, plan an invasion, butcher a hog, conn a ship, design a building, write a sonnet, balance accounts, build a wall, set a bone, comfort the dying, take orders, give orders, cooperate, act alone, solve equations, analyze a new problem, pitch manure, program a computer, cook a tasty meal, fight efficiently, die gallantly. Specialization is for insects.
Robert A. Heinlein
The point is range: learn broadly, work competently across domains, and do not confuse narrow specialization with capability.
This is a working portfolio of things I have built, taught, used, or am actively turning into something reusable.
Some of it is AI-assisted by design. That is part of the point.
AI is useful for speed: drafting, structure, code, cleanup, synthesis, and repeatable workflows. It is not a replacement for taste, judgment, domain knowledge, or deciding what is worth publishing.
The bar is simple: if it would not help someone do the work better, it should not be here.
Platform Security Encryption-in-transit, encryption-at-rest, PKI, HSM, TLS modernization
Program Management Cross-org delivery, OKRs, executive reporting, portfolio governance
Cloud Infrastructure AWS, GCP, multi-cloud security and compliance
AI Security Emerging security programs for AI/ML platform initiatives
This account is where I share TPM artifacts, templates, tools, examples, and working notes built or refined through real program work.
| Repo | What It Is |
|---|---|
| ai-automations | AI-assisted TPM prompts, workflows, examples, and review checks for safer program artifacts |
| security-program-playbooks | Security TPM guides for intake, compliance triage, evidence planning, and cross-team execution |
| tpm-templates | Program charters, RFC/ADR templates, RAID guides, communication plans, and lifecycle tools from real TPM work |
| tpm-toolbox | Lightweight TPM trackers, checklists, RAID logs, and AI-assisted workflows for program execution |
| program-reporting-frameworks | Status, steering committee, lessons-learned, and investment frameworks for honest program reporting |
| learning-notes | Working notes on systems design, security, infrastructure, and TPM craft |
Outside the TPM world:
| Repo | What It Is |
|---|---|
| food-wine-farms | AI-assisted regional food and wine guides built from local knowledge, solo shipping, and automated weekly updates |
| GlassART | Glassblowing notes, teaching resources, artist business tools, and studio-practice materials |
| teaching-notes | Teaching materials, demos, explanations, and workshops built to make technical ideas easier to understand |
Director, TPM Platform Security
2018 to present
- Drove encryption coverage from roughly 10 percent to 80 percent plus across 100+ engineering teams
- Led TLS 1.3 modernization and legacy TLS 1.0/1.1 removal across 100+ services
- Delivered 20 programs on time against Digital Services Act compliance deadlines
- Led a team of 15 TPMs and engineers
- Drove platform security programs across encryption, PKI, HSM lifecycle, cloud security, compliance, and enterprise-scale execution
Senior TPM / Practice Lead
2017 to 2018
- Managed a $10M+ portfolio across HIPAA, PCI, and SOX programs
- Supported clients including Salesforce, City National Bank, UCSF, Dolby, and Blue Shield
- Led infrastructure, compliance, and security-oriented delivery work across client environments
Manager, Technical Operations
2011 to 2013
- Led infrastructure modernization and vendor management for the retail technology stack
- Managed operational systems where reliability, cost, and business continuity all mattered
CISM | PMP | GSEC | ITIL | CSM
- How AI/ML security programs are maturing, and where they are still chaotic
- The TPM role in platform reliability versus pure delivery execution
- Making cryptographic compliance tractable for non-security engineering teams
- How to use AI to speed up program work without outsourcing judgment
- How to build tools that people actually use when the program is messy
The job is not just to write the plan.
The job is to make sure the right work happens, by the right people, at the right time, with enough clarity that everyone understands why it matters.
Open to conversations about TPM leadership, platform security, AI-assisted execution, and program management at scale.
Always happy to connect on LinkedIn.