Security Engineering Manager
Security Engineering Leader at JumpCloud
Louisville, CO and Denver, CO and Remote
JumpCloud's Information Security team is seeking a Manager, Security Engineering, to lead and grow the Company's security engineering function. This team owns all aspects of security for all JumpCloud’s product and management of internal compliance needs. You and your team will be responsible for evaluating and assessing security requirements into the Company’s Directory-as-a-Service platform, monitoring, hardening and maintaining the company’s environment based on SOC, monitor Threat Intel or vendor advisories, and partner closely with our technology/business teams to produce innovative and secure solutions to ensure our customers and employees are protected..
As a security leader, you will participate in the JumpCloud security strategy build out, road-map planning, project execution scheduling, and building a team of security engineers while fostering a strong team culture.
This is a unique opportunity to get in on the ground floor and start on the JumpCloud Market innovation as a security leader.
Director/Manager - Security Engineering Role & Responsibilities
- Hiring, leading and coaching the application security team, ensuring a ‘shift left’ approach to security within the core product development teams as well as education and adherence to secure coding standards.
- Ensuring world class infrastructure security including network, systems, security protocols and key management
- Driving compliance with key security standards that accelerate JumpCloud’s business goals
- Developing meaningful employee security training and adherence to internal security compliance standards
- Regular customer engagements, discussing security requirements and ensuring JumpCloud can meet and exceed customer goals
- Representing JumpCloud in the security community, in both local and national forums
Basic Qualifications:
- Bachelor of Science degree (BS) in Computer Science (or related field)
- 4+ years of experience leading, managing & developing high performance teams
- 6+ years of progressive experience within information security teams or similar operating environments with in-depth understanding of cloud, network, infrastructure, endpoint and/or data security
- Breadth of security experience across various infrastructures (cloud, hybrid and on-prem) and running in large production environments
- Experience with vulnerability risk and impact assessment
- Ability to make concrete progress and formulate plans in the face of ambiguity and imperfect knowledge (avoid “analysis paralysis”)
- Assess and present infrastructure security risk, solutions and tradeoffs to JumpCloud technology leadership to enable risk-based decision making
Preferred Basic Qualifications:
- Master’s degree in Computer Science (or related experience)
- Experience with AWS security architectures
- CISSP, CCSP, SANS GIAC, or similar professional certification(s)
- Hands-on knowledge of information security practices such as security design review, threat modeling, risk analysis and
- Experience with multiple programming languages (such as Go, Java, Python, Perl, Scala, etc.)
- Deep technical knowledge in multiple security domains such as engineering, system and network security, authentication or security protocols.
- Well versed in cloud-based application security, infrastructure security, business risk analysis and making complex business/risk trade-off recommendations and decisions.
- Hands-on knowledge of information security technologies such as security design review, threat modeling, risk analysis, and software testing techniques
- 5+ years of progressive experience within a software security team or similar operating environment
- Experience engaging deeply with the business side of the company and customers, where you understand and can guide discussions and decisions on the risks and trade-offs involved in building a secure product
Preferred Management Qualifications:
- Track record of hiring and developing top tier security engineers
- Proficiency in professional software engineering practices & best software development life cycle practices, including architectural design, coding standards, code reviews, build practices, testing, and operations
- Experience communicating with users, other technical teams, and senior management to collect requirements, describe software product features, technical designs, and product strategy
We're an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.