Senior Manager, Security Engineering

About The Position

Requirements

• Minimum of 10 years of experience in information security, with at least 3 years in a leadership role managing cloud and application security teams.
• Deep understanding of AWS security services and best practices.
• Experience with application security testing (SAST/DAST), secure development lifecycles, and DevOps security.
• Familiarity with security tech stack (e.g., Wiz, Crowdstrike, Okta, AWS, Signal Sciences/Fastly WAF, API Security Gateways) is a plus.
• Proven ability to lead and motivate a senior, high-performing team.
• Excellent communication and interpersonal skills, with the ability to influence and build consensus across technical and business functions.
• Strong business acumen and a pragmatic approach to security.
• Bachelor's degree in Computer Science, Information Security, or a related field.
• Relevant certifications such as CISSP, CSSLP, or AWS Certified Security - Specialty are highly desirable.

Responsibilities

• Develop and implement a comprehensive security strategy for cloud, application, and product security that aligns with business objectives and key security frameworks like NIST CSF and CIS Controls.
• Lead and mentor a team of security engineers and architects, fostering a culture of ownership, continuous improvement, and collaboration with the broader Product & Engineering organization.
• Oversee the security of our AWS environment, focusing on implementing 'golden path' guardrails, improving visibility, and remediating identified risks.
• Drive the maturation of our application security program by integrating security into the CI/CD pipeline, conducting design reviews, and managing the security review backlog.
• Collaborate with the Offensive Security team to manage and prioritize the remediation of vulnerabilities across the platform and applications.
• Partner with key stakeholders, including the CTO, SVP of Product & Engineering, and other technical leaders, to ensure security initiatives are well-understood, prioritized, and delivered.
• Demonstrate expertise in applying AI and ML to Cloud and Application Security, developing and implementing robust AI security governance frameworks.
• Define and track key performance indicators (KPIs) and risk indicators (KRIs) to measure the effectiveness of the security program and provide regular updates to senior leadership and the Audit Committee.

Benefits

• Participation in incentive programs (which may include eligible cash, equity, or commissions).
• Paid vacation, holidays, sick time, parental leave, and recharge leave.
• Medical, tele-health, dental and vision benefits.
• 401(k) plan.
• Flexible spending accounts (FSAs).
• Commuter program.
• Life and disability insurance.
• Maven (a support system for new parents).
• Carrot (fertility benefits).
• UrbanSitter (caregiver referral network).
• Employee Assistance Program.
• Pet insurance.