
Manager, Security Engineering
Posted 6 days ago

Posted 6 days ago
This is a fully remote position, open to applicants in California, +2 more states.
• Guides, recruits, nurtures, and supervises security engineers through mentoring, performance evaluation, and career progression.
• Formulates and implements the security engineering roadmap for the team, ensuring a balance between risk mitigation, operational efficiency, and business goals.
• Creates and sustains security engineering services and controls that align with business objectives and industry-leading practices.
• Suggests enhancements to security policies, standards, and procedures that bolster the organization's security stance, including considerations for emerging risks such as AI integration and usage.
• Collaborates closely with leadership, teams, and cross-departmental business units to ensure alignment on the security roadmap, planning, and vision.
• Leverages business insights and contextual knowledge to direct team technical choices concerning cloud security, application security, identity management, and novel technologies.
• Oversees risk evaluations, threat modeling, incident response, and security investigations pertaining to production systems, cloud infrastructure, and new product initiatives.
• Cultivates and enhances relationships with security vendors to ensure effective and efficient supplier performance outcomes.
• Works in partnership with Security, Compliance, Engineering, and IT stakeholders to promote security awareness initiatives and advocate for secure engineering practices.
• Collaborates with Compliance and Audit teams to facilitate security controls, prepare for audits, collect evidence, and undertake remediation efforts.
• Promotes the adoption of DevSecOps methodologies, security automation, vulnerability management, secure code review processes, and secure-by-default engineering practices.
• Establishes operational metrics and reporting to assess the effectiveness of security controls, detection capabilities, and team performance.
• Over 8 years of experience in cybersecurity, cloud security, application security, infrastructure security, or related fields.
• Bachelor's degree in Computer Science, Information Systems, or a related discipline, or equivalent practical experience.
• Proficiency in one or more modern programming or scripting languages (Python, Go, Java, Rust, Bash, or similar).
• Strong knowledge of software development lifecycle (SDLC) processes and source control technologies.
• Comprehensive understanding of DevSecOps, application security principles, secure software development methodologies, and contemporary software delivery environments.
• Capability to devise solutions that are scalable, repeatable, secure, and maintainable.
• Experience in risk assessment and analysis, emergency preparedness, and incident management.
• Familiarity with SIEM, security monitoring, threat detection, incident response, and observability platforms in cloud settings.
• Expertise in securing cloud-native environments, containerized workloads, Kubernetes platforms, modern CI/CD pipelines, and related controls, including vulnerability management, secrets management, and workload protection.
• Knowledge of identity and access management technologies such as Okta, SAML, OAuth, Descope, and OIDC, encompassing authentication, authorization, and privileged access concepts.
• Experience securing cloud platforms such as AWS and/or GCP, including IAM, network security, logging, monitoring, and cloud-native security services (AWS and GCP certifications are advantageous).
• Background in managing security programs and frameworks.
• Experience in implementing or operating security controls aligned with frameworks such as NIST CSF, SOC 2, HITRUST, ISO 27001, or CIS Controls.
• CISSP and/or CISM certification is a plus.
• Medical, dental, and vision insurance.
• 401(k) with a company match.
• An Employee Stock Purchase Plan (ESPP).
• Unlimited vacation.
• 13 paid holidays.
• 72 hours of sick leave.
• Mental wellness and financial wellness programs.
• Fertility benefits.
• Generous parental leave.
• Pet insurance.
• Supplemental life insurance for you and your dependents.
• Company-paid short-term and long-term disability.
NBCUniversal
Deepgram
Xapo Bank
Alteryx
Get handpicked remote jobs straight to your inbox weekly.