POSITION OVERVIEW
We are seeking a Senior Manager, Information Security Architecture & Engineering to serve as a key security leader within our organization. This role is responsible for defining and driving platform, application and data security, including designing and reinforcing secure-by-design principles, effective data protection and handling, identity and access management standards, and vulnerability management across the enterprise. Acting primarily as a second-line of defense, this leader ensures security best practices are embedded into our CI/CD, SDLC, data pipelines, and platform.
Beyond technical expertise, this role demands strong leadership to both manage a team of security experts, as well as drive initiatives across teams and functions. The ideal candidate will foster a culture of collaboration, continuous learning, and high performance, prioritizing kindness, integrity, and transparency in leadership. This individual will view security as a business enabler, creating services that empower developers and system owners to iterate rapidly while maintaining strong and pragmatic security controls.
RESPONSIBILITIES
Define and maintain secure application and infrastructure architecture frameworks, ensuring security is built-in from the outset.
Partner with engineering, DevOps, and technology teams to integrate security into SDLC, CI/CD, and data pipelines.
Own and oversee the vulnerability management program, ensuring risk-based remediation across all technology assets.
Enhance and scale an existing security design review service, providing structured security assessments for new and evolving systems and data.
Advocate for security as a service, building tools and processes that streamline secure development and system operations.
Act as a security advisor to engineering and technology operations, ensuring security aligns with business goals.
Collaborate with the Security Governance, Risk, and Compliance (GRC) team to align technical security requirements with regulatory and commercial requirements.
Champion a security-first culture, ensuring technical execution teams understand security risks, standards and best practices.
REQUIREMENTS
10+ years of experience in security architecture, application security, infrastructure security, or related domains.
Strong background in cloud security (AWS, Azure, GCP), DevSecOps, and/or data security.
Experience leading a globally distributed team across time zones which relies heavily on asynchronous working and collaboration methods.
Experience leading and developing globally distributed security teams with a focus on professional growth and collaboration.
Experience designing security controls for data flows and distributed computing environments.
Hands-on expertise of secure software development practices, security testing methodologies, and threat modeling.
Strong cross-functional leadership with the ability to communicate security risks effectively to engineering, IT, and business stakeholders.
Experience of security frameworks and regulations (e.g., NIST CSF, PCI-DSS, GLBA).
Bachelors degree in Computer Science, Information Security, or related field.
Preferred Qualifications
Expertise in application security testing, threat modeling, bug bounty programs, and software security assessments.
Expertise in identity & access management (IAM), encryption, authentication, logging, and monitoring architectures.
Experience with GitHub, Wiz, Sentinel One and Okta.
Security certifications (CISSP, CISM, OSCP, AWS Security Specialty, or similar).
Advanced degree in Computer Science, Information Security or related field.
#LI-REMOTE #LI-RR1