Technical Project Manager / Release Manager

🕒 April 29

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Umpisa Inc

WebsiteLinkedInAll Job Openings

11 - 50 employees

Software Development • Technology • Venture Building

Umpisa Inc. is a company that specializes in building companies and applications by leveraging expertise in business, technology, and data. Their mission is to position the Philippines as a global tech hub. They offer tailor-made software solutions with a focus on modern software development, UI/UX design, quality assurance, and business analysis. Umpisa Inc. is skilled in technologies like React, React-Native, Flutter, and Node. js, adhering to DevSecOps practices. They also engage in venture building, providing expertise in business and digital strategy, product management, and offering CTO-as-a-Service. Operating across industries such as fintech, real estate, and education, they aim to create authentic connections through their diverse tech professionals and strong engineering culture.

📋 Description

• Review all commits/PRs merged to dev since last release — read diffs, check for red flags (missing tests, hardcoded secrets, env/config changes, incomplete migrations) • Fix issues directly — open remediation PRs for problems found (missing test coverage, lint issues, config mistakes, documentation gaps). The lead dev reviews and merges these the next day. • Once dev is clean, cut and merge the release into main and tag it. • Write release notes and post a nightly summary. • Adapt the release cadence to the team's needs — during demo sprints or crunch periods, coordinate with the lead dev on whether to hold the main merge, cherry-pick critical fixes only, or batch releases. • Triage and organize Linear issues — ensure tickets have clear descriptions, acceptance criteria, and correct priority/status. • Keep project documentation current — architecture docs, runbooks, onboarding guides. • Track progress across active workstreams and flag blockers or dependencies. • Coordinate across contributors — make sure people aren't duplicating work or blocked on each other. • Maintain the roadmap view — what shipped this week, what's in flight, what's next. • Organize and clean up stale tickets, close completed work, link related issues. • Deliver weekly status updates to the lead dev — what's done, what's at risk, what needs a decision. • Run regular syncs with the deployment team — track progress on infrastructure (IaC, Key Vault, networking), CI/CD pipeline hardening, and security tasks (JWT expiry reduction, encrypted storage, managed identity migration, direct Entra ID integration). • Ensure deployment team deliverables meet SOC 2 evidence requirements — the work they ship needs to produce auditable artifacts, not just working code. • Unblock the team — flag dependency conflicts, missing access, unclear requirements before they become delays. • Execute the recurring evidence collection calendar — quarterly screenshots of Azure IAM roles, Entra ID MFA settings, GitHub org access, Key Vault RBAC, Dependabot alerts, Defender scores, merged PR examples. • Collect signed DPAs from subprocessors and file vendor SOC 2 reports • Build and maintain the formal risk register • Minor policy edits and updates as needed — we have 24 security policies drafted; you'll review, flag gaps, and make light edits, not write from scratch • Evaluate and onboard a SOC 2 compliance platform (Vanta, Drata, or Secureframe) — this is the critical path blocker for starting the observation window • Set up onboarding/offboarding security checklists and establish the quarterly access review process • Coordinate penetration testing engagement (scope, vendor selection, scheduling) • Regular async updates to the lead dev — surface blockers, decisions needed, and progress against the SOC 2 timeline. Don't wait for syncs to flag issues.

🎯 Requirements

• Enough technical depth to read TypeScript diffs, catch real issues, and fix them — not just filing tickets • Comfortable writing code for remediation — test coverage, lint fixes, config corrections, small refactors • Comfortable with GitHub (PRs, Actions, CI pipelines) and Linear (or similar project tools) • Strong at organizing information — turning scattered work into clear status, clean backlogs, and useful docs • Experience coordinating across distributed teams — can run a sync, write a clear status update, and hold people accountable without being their manager • Experience with compliance frameworks — SOC 2, ISO 27001, or HITRUST. Knows what auditors actually look for. • Good judgment on when to hold the line vs. when to find a creative path forward — we're early-stage and need someone who protects quality without blocking momentum • Proactive communicator — surfaces risks and blockers before they become problems