Manager, Security Automation
Lead security automation strategy, mentor a team, and integrate security into software delivery pipelines.
Provide strategic leadership and hands-on expertise to enhance our security automation capabilities. The Manager, Security Automation, will develop the strategic roadmap, mentor a dedicated team of engineers, and drive initiatives to integrate security seamlessly into our software delivery pipelines at scale. The role combines visionary strategy with detailed technical oversight, collaborating across Product Security, Cloud Security, Development, and Operations to ensure comprehensive security coverage for applications and infrastructure in cloud environments.
The work you’ll do:
- Strategic Leadership & Roadmapping: Define the vision, strategy, and multi-year roadmap for security automation, emphasizing integration into CI/CD pipelines, vulnerability management, and supply chain security. Align security initiatives with business objectives, clearly communicating progress and risks to executive stakeholders.
- Team Management & Mentorship: Lead, mentor, and expand a team of DevSecOps/Automation Engineers. Provide coaching, performance feedback, and professional growth opportunities, cultivating a culture of innovation, collaboration, and continuous improvement.
- Program Execution & Delivery: Oversee multiple security automation projects from proof-of-concept through production deployment. Establish and monitor milestones, KPIs, and metrics to evaluate the effectiveness and impact of automated security controls and processes.
- Technical Oversight & Hands-On Contribution: Review and guide critical security automation code and architectures, utilizing languages and tools like Python, Go, and Terraform. Directly engage in complex pipeline integrations, tool evaluations, and custom script development as necessary.
- Collaboration Across Security & Engineering: Coordinate with Product Security (AppSec) teams for effective identification, triage, and remediation of vulnerabilities at the application layer. Partner with Cloud Security teams to align infrastructure security standards with automation practices, advocating for and facilitating Security Champions programs within development teams.
Required Qualifications:
- Leadership Experience: 5+ years of proven experience leading or managing engineering or security teams.
- Security Automation Expertise: Strong hands-on experience integrating security tools into CI/CD environments and in DevOps/DevSecOps roles.
- Programming Skills: Proficiency in programming (Python, Go, or similar languages), with demonstrated experience reviewing and guiding technical implementations.
- Project Management: Proven excellence managing complex security automation projects, prioritizing tasks, and delivering results.
- Communication Skills: Exceptional abilities in stakeholder engagement and communication, effectively interacting with technical teams and executive leadership.
Preferred Qualifications:
- Container & Kubernetes Security: Deep understanding of Kubernetes and associated security scanning and management tools.
- Supply Chain Security: Experience implementing Software Bill of Materials (SBOMs), code signing, and addressing supply chain security challenges, such as those exemplified by incidents like SolarWinds.
- SaaS & Cloud-Native Security: Track record of successfully building or scaling security automation capabilities in SaaS or cloud-native environments.
- Continuous Improvement: Demonstrated habit of staying current with emerging cloud security trends and threats. Participation in security communities or contributions to open-source security projects is a plus.
- Education & Certifications: Bachelor’s or Master’s in Computer Science, Cybersecurity, or a related field is beneficial.