Engineering Manager, Security

at  Quorso

We believe in the power of hiring. Because the potential for people to do something outstanding has everything to do with being in the right role, on the right team, at the right time. That’s where Greenhouse comes in – from recruiting to on-boarding, we make software to help every company be great at hiring.
Greenhouse is looking for an Engineering Manager, Security to join our team!
Our Engineering Manager, Security will lead and grow our security program and partner with our product engineering teams on proactively identifying and addressing security issues in our product suite. You will lead a distributed team of engineers and scale our application security practices by improving automation, holistically remediating security issues, and promoting secure-by-default principles.
Security at Greenhouse is critical to our success and for building & maintaining customer trust. From influencing how we write our software, deploy our infrastructure, and make architecture decisions, security is a primary focus.

Who will love this job

• A security lover - you keep up with the latest security research and love finding security issues in the newest technology across various security fields
• A problem solver - you can tackle complex security problems while still balancing good usability and mitigating security risk
• A doer - you get things done with attention to detail and are motivated to improve on the status quo
• A people-person - you shine when collaborating with others and are eager to contribute across the organization

What you’ll do

• Lead a team of 3 (including yourself) to help define and oversee the company’s product security strategy
• Leverage security tooling to proactively detect security vulnerabilities and promote security awareness to developers
• Partner with engineering to design frameworks/controls to promote ‘secure by default’ practices to support a growing microservice environment
• Provide your security domain expertise by partnering with engineers and product teams to impact the code base as well as product features that protect our customers security and data privacy
• Respond to vulnerability reports and incidents by identifying the risk and providing practical remediation advice to our product engineering teams and other partners
• Supervise security vulnerabilities and prioritize remediations with teams according to our SLA requirements
• Help define product security roadmaps and lead security projects from start to finish

You should have

• Experience pen-testing web applications, security architecture and design reviews, and security code reviews
• Familiarity with AWS and Kubernetes tech stacks and their security controls
• Deep understanding of web security with a focus on providing practical technical recommendations to engineering teams
• Knowledge industry-standard authentication protocols such SAML SSO, OpenID Connect and OAuth2
• Proficiency in at least one programming language and be capable of quickly picking up new languages
• Experience leading a team of security engineers
• Your own unique talents! If you don’t meet 100% of the qualifications outlined above, tell us why you’d be a great fit for this role in your cover letter

Applicants must be legally eligible to work in Canada as of the start date chosen by the Company.
For purposes of processing or administering your employment relationship, personal information that you provide to the Company may be transferred to and accessed by an affiliate in the United States or elsewhere, or to agents and contractors (such as payroll companies, insurance companies, information technology consultants, etc.) that provide services to the Company.
The national pay range for this role is $169,700 - $254,600 annually. Individual compensation will be commensurate with the candidate’s experience and local cost of labor. Certain roles may be eligible for additional compensation, including stock option awards, bonuses, and merit increases. Additionally, certain roles have the opportunity to receive sales commissions that are based on the terms of the sales commission plan applicable to the role.

• Lead a team of 3 (including yourself) to help define and oversee the company’s product security strategy
• Leverage security tooling to proactively detect security vulnerabilities and promote security awareness to developers
• Partner with engineering to design frameworks/controls to promote ‘secure by default’ practices to support a growing microservice environment
• Provide your security domain expertise by partnering with engineers and product teams to impact the code base as well as product features that protect our customers security and data privacy
• Respond to vulnerability reports and incidents by identifying the risk and providing practical remediation advice to our product engineering teams and other partners
• Supervise security vulnerabilities and prioritize remediations with teams according to our SLA requirements
• Help define product security roadmaps and lead security projects from start to finis