About The Position

We are looking for a Technical Leader to take the reins of our Product and Cloud Security program. Reporting to the VP of Engineering, you will lead a dedicated security team and partner with our external security provider (Divoro) to build an engineering-led security culture. This is a "Player-Coach" role: you will set the strategy and lead the team, but you are expected to stay in the details—reviewing our overall cloud security, triaging CVEs, and ensuring our infrastructure and software supply chain remain secure and compliant.

Requirements

  • The Technical Manager: 7+ years in Security/Engineering, with a history of leading teams in high-growth SaaS environments.
  • Active Practitioner: You are still "hands-on" with AWS, Terraform, and GitHub Actions. You can jump into a PR and explain exactly why a library or license is a risk.
  • AI Proponent: Understands AI, uses AI for automation, and understands the risks of AI.
  • Systems Thinker: You prioritize risk based on actual business impact and exploitability, not just tool output.
  • Pragmatic Leader: You understand how to align security goals with the VP of Engineering’s roadmap to drive business value.

Nice To Haves

  • AWS Certified Security Specialty Certification is a plus

Responsibilities

  • Vulnerability Triage: Review and prioritize CVEs from SAST/SCA tools; alert the engineering team to critical library upgrades while filtering out noise and non-reachable risks. Monitor progress to ensure SLOs are met.
  • Open Source Governance: Review all open-source libraries for non-compliant licenses (e.g., Copyleft/GPL) to ensure our codebase remains commercially protected and compliant with company policy.
  • Oversee the integration of SAST, DAST, and SCA tools within our GitHub pipelines.
  • Monitor remediation progress to ensure SLOs are met.
  • Set the technical standards for vulnerability remediation and provide architectural guidance to the broader engineering org.
  • Direct the security architecture for our AWS environments.
  • Implement AWS Security best practices.
  • Review and occasionally author Terraform modules to ensure "Security-as-Code" is the baseline for all deployments.
  • Support our SOC2 Type 2, ISO 27001/27701, GDPR, and CCPA initiatives.
  • Automate evidence collection to ensure technical controls are functioning as intended.
  • Mentor and grow your internal and external security team; act as the lead technical escalation point for complex security bugs.
  • Strategically direct our external security partners to scale our security operations and specialty projects.
  • Establish the patterns and guardrails for safe AI/LLM integration, focusing on secure data handling and access controls.

Benefits

  • Remote First work environment
  • Unlimited vacation in most of our locations!!
  • Great benefits including health, dental, vision and savings plan.
  • Perks such as training reimbursement, WFH reimbursement, and more.
  • Diverse and dynamic teams with challenging and exciting work.
  • An opportunity to have a real impact on our business.
  • A great range of social activities (both in-person and virtual).
  • Optional in-person meet-ups and the ability to travel to our international offices
  • Employee referral program
  • And so much more!