Senior Manager, Security
Location
United States
Level
Executive
Department
Operations
Type
Full - Time
Salary
Job Description
Posted on:
July 24, 2023
As members of 6sense’s Security department, the Security Engineering team protects the platform. The manager of this team is responsible for oversight of daily operations, successful execution of team initiatives, and people management. This is a ‘working’ manager role where you will be hands-on keyboard as we continue to build out the Security Engineering practices and tools at 6sense.
Responsibilities
- Hire and mentor a best-in-class team of Security Engineers
- Build strong, collaborative partnerships with Development, Infrastructure and Product teams
- Implement security-related tooling, technical and process improvements and author project plans for security initiatives
- Manage a robust Application Security program, to include: vulnerability management, secure code reviews and standards, security architecture reviews, and technical integrations assessments.
- Manage a robust Infrastructure Security Management program, to include: vulnerability management, infrastructure and container change reviews, SaaS infrastructure access & permissions models, cloud security best practices, and operating system security.
- Drive efforts to improve security awareness in the areas of application security and the secure development of code through technical controls, education and training
- Implement a best-in-class bug bounty program which positions 6Sesne as the leading authority amongst other programs.
- Evolve corporate security policies and procedures to stay aligned with the security industry best practices
- Maintain expert knowledge of 6sense’s controls, product/product roadmap, and cloud architecture
- Prepare and deliver meaningful KPIs and metrics representative of the Security Engineering function
- Design and execute quarterly (O)KRs
Job Requirements
- 8+ years of experience in information security, with a focus on Secure SDLC, Cloud Security, bug bounty, and vulnerability management
- 3+ years of experience managing a Security Engineering or similar team
- Experience with security tools (e.g., Vulnerability Scanners, SAST/DAST, DevOps software, AWS cloud security tooling)
- Strong knowledge of industry frameworks, regulations and standards, such as: NIST 800-218 SSDF, OWASP, SAFECode, CIS benchmarks, ISO 27001, SOC 2, GDPR, PCI, SOX, NIST 800-53, etc.
Preferred Qualifications
- Bachelor's degree in a related field
- Relevant industry certifications, such as CISSP, CISM, or GIAC, are highly desirable
