Security Engineering Manager

View full description

Requirements:

• Strong understanding of industry standard security guidelines (ex. NIST, OWASP).
• Extensive experience with AWS security tooling (ex. WAF, Shield, IAM, GuardDuty, and Security Hub).
• Strong communication skills and experience interacting with stakeholders.
• Experience leading cross-functional projects resulting in measurable security improvements.
• Ability to explain cybersecurity principles to technical and non-technical members.
• Experience with auditors in a highly regulated industry.
• Understanding of TTP frameworks (ex. MITRE ATT&CK) for securing systems.
• Understanding of web and mobile application security concepts.
• Experience with SAST, DAST, SCA, and CSPM tools.
• Bachelor’s degree specializing in Cybersecurity, Engineering, or related field.
• AWS Certifications a plus (i.e. DevOps Engineer, Security Specialty).

Responsibilities:

• Act as a strategic leader in shaping and implementing the application security strategy, ensuring alignment with organizational goals.
• Manage the Security Engineering Team composed of DevSecOps and Security Engineers.
• Oversee the security of platforms and assets, focusing on secure design and reporting security posture to leadership.
• Develop and implement security policies, standards, and best practices.
• Collaborate with stakeholders to align security initiatives with business objectives.
• Maintain and support the vulnerability management program.
• Assess and manage the attack surface of applications and platforms.
• Lead efforts to ensure secure design principles are applied throughout the CI/CD pipeline.