Sr. Manager Information Security Engineering

At Employ, we put people before products. We bring together the best talent with the best companies, creating opportunities for people and businesses. We help over 22,000 customers of all sizes overcome their greatest hiring challenges with our trusted recruiting solutions JazzHR, Lever, Jobvite, and NXTThing RPO.

We live our values of being people-first, customer-obsessed, accountable, and innovative. We guide our decisions by what’s best for our employees & customers. We relentlessly focus on serving the needs of our customers. We own the outcome, and work as a team towards a shared mission. We drive change as we continually learn and grow.

Join us in shaping the future of recruiting.

About the Role: 

As the Sr. Manager Information of Security Engineering, you will be entrusted with leading worldwide security engineering and operations efforts in this dynamic, fast-paced environment. This dynamic role requires a leader who can shift seamlessly between managing a team, providing strategic direction, and rolling up their sleeves to tackle technical challenges in a hands-on role alongside the team. You will oversee and contribute to our efforts in continuous monitoring, threat intelligence, vulnerability management, incident response, and SOC/ISO compliance, collaborating closely with IT and Development teams to ensure our systems remain resilient against threats. This roles presents an exciting opportunity to join a marketing leading SaaS company during a critical phase of integrating acquisitions into a single operating entity. Key responsibilities include:

What you’ll be doing: 

• Build, mentor, and lead a small but highly effective worldwide team of security engineers, while fostering a culture of collaboration, innovation, and accountability

• Drive the strategy and execution of security engineering & operations, aligning with company goals and priorities

• Collaborate across the Information Security, IT, and Development organizations to develop and mature our security programs, enhance security processes and integrate security into system lifecycles

• Communicate security risks, plans, and progress to technical and non-technical audiences, including senior leadership

• Participate directly in engineering activities as needed in order drive programs forward and meet security responsibilities

• Develop and maintain processes and tooling to deliver appropriate levels of continuous monitoring and threat detection

• Enhance our vulnerability managing program through effective use of tools, processes, and engagement with IT and Development operations teams

• Oversee the incident response lifecycle, ensuring swift and effective resolution of security events

• Management of our internal SOC and ISO compliance obligations and delivery of the certifications

• Collaborate across the business to coordinate incident management efforts, working closely with IT, Development, and other key stakeholders to ensure successful adherence to compliance and security standards

• Leverage threat intelligence to anticipate risks and inform security posture improvements

What you’ll bring: 

• Professional Certification is preferred: CISSP, CISM, or equivalent

• Minimum of 10 years of IT/IT Security experience, and 5 years of security management experience with increasing responsibility

• Comprehensive proficiency in core security principles and domains: Asset Security, Security Architecture, Risk Management, Communications and Network Security, Identity and Access Management, Assessment testing, and Software Development methodologies

• Demonstrated deep technical proficiency in common security capabilities and tools such as Identity and Access Management, Security Incident and Event Management (SIEM), firewalls, endpoint protection, email security, vulnerability management, and various other information security and related controls

• Proficiency with public cloud technologies, AWS and Azure are preferred

• Experience in managing both SOC2 and ISO 27001 compliance, preferably within SaaS or technology focused companies

• Demonstrated ability to build and successfully integrate information security programs into IT and Development lifecycles in order to create systemic and sustainable security improvements

• Demonstrated strong problem-solving and analytical skills is critical

• Strong leadership skills with the ability to work with and influence people at all levels across the enterprise

• Great attention to detail with the ability to understand impacts on the broader organization

• Effective time management and prioritization

• Ability to work within tight time constraints and multiple priorities

• Excellent verbal and written communication skills

• Excellent interpersonal skills, teamwork, and collaboration