Cybersecurity Controls Engineering Manager

Ares Operations•New York, NY

21h•$240,000 - $270,000

About The Position

We are looking for a Security Controls Engineering Manager to lead our Security Controls Engineering team, a specialized group within the broader Cybersecurity Engineering function. In this role, you will guide the design, architecture, deployment, and ongoing management of enterprise security controls across fleet security, DevOps and app security, data security, cloud security, AI security, and core security platforms such as Microsoft 365 Defender. You will define the team’s vision, strategy, and roadmap, ensuring alignment with organizational goals and the larger cybersecurity engineering strategy. We are looking for a hands-on technical leader with deep expertise in security architecture, engineering, and operations. You will apply advanced technical skills – particularly in cloud and AI security – to make informed decisions on complex security challenges. You will collaborate closely with the Security Platform Engineering team, which owns log pipelines, SIEM, SOAR, and detection engineering, as well as other cross-functional partners across the organization. You will help build and sustain a culture that values diverse backgrounds, perspectives, and experiences, fostering an environment where everyone feels they belong.

Requirements

Strong foundation in security engineering, architecture, and operations.
Hands-on experience with cloud-native security controls, automation, and orchestration.
Proficiency in scripting and automation (Python, PowerShell, etc.).
Experience with security monitoring, logging, and integration with SIEM/SOAR platforms.
Deep expertise in cloud security (Azure, AWS, GCP) and AI security controls.
Familiarity with EDR, device management, data protection technologies, and generalized security platforms (e.g., Microsoft 365 Defender).
Excellent leadership and team management skills.
Strong analytical and problem-solving abilities, supported by inclusive collaboration with team members with diverse working and thinking styles.
Ability to stay updated with the latest security trends and threats.
Effective communication and stakeholder management skills.
Ability to drive change and build consensus across diverse groups.
Significant experience in cybersecurity engineering (typically 10+ years), with significant hands-on experience in security architecture and controls engineering or equivalent practical expertise gained through nontraditional paths.
Proven track record of designing, deploying, and managing enterprise security controls.
Experience leading technical teams and delivering complex security projects.
Bachelor’s degree, relevant technical training, or equivalent hands-on experience.
Strong sense of ownership, accountability, and attention to detail.
Ability to manage competing priorities and deliver results in a dynamic environment while maintaining healthy work practices.
Proven track record of developing and maintaining structured processes that support efficiency, scalability, and rapid business growth.
Commitment to continuous learning and improvement.

Nice To Haves

Experience in regulated industries (finance, healthcare, etc.) is a plus.
Professional certifications (e.g., CISSP, GSEC, GCIA, OSCP) are valued but not required.
Advanced certifications in cloud and AI security are a plus.

Responsibilities

Define and communicate the vision, strategy, and roadmap for the Security Controls Engineering team.
Serve as the technical authority for enterprise security controls, providing hands-on guidance and expertise.
Partner with senior engineers to lead the design and implementation of security controls for fleet, DevOps, app, data, cloud, and AI environments.
Hire, develop, mentor, and retain cybersecurity engineering talent from diverse backgrounds.
Foster an inclusive, psychologically safe team environment where individuals of all backgrounds, identities, and working styles can succeed.
Model equitable decision making and promote diverse perspective in engineering discussions.
Act as a key advisor to business and technology stakeholders.
Oversee the execution of security control projects from initiation through deployment and support.
Continuously improve governance, metrics, and processes within the team.
Manage relationships with vendors and service providers.
Collaborate with incident response teams to ensure controls are integrated into workflows.
Provide regular updates and reports on the status and effectiveness of security controls.