About Betterment
Betterment is a leading, technology-driven financial services company that offers investing, savings and retirement solutions for retail investors and investment advisors as well as financial wellness solutions, including a 401(k) for small and medium-sized businesses. Our team is passionate about our mission, to empower people to build wealth with confidence and ease. We’re headquartered in NYC and offer hybrid NY-based positions (four days/ week in-office, with no required office days during the summer and winter holidays).
About the Role
Betterment's mission is to make people's lives better through smarter financial tools, and protecting that trust is where security comes in. As Engineering Manager of Detection Engineering, you'll lead the team responsible for building and operating Betterment's security detection capabilities. You'll own the strategy and execution for how we detect threats across our cloud infrastructure, SaaS ecosystem, and product, giving your team the direction and support they need to do their best work.
You'll partner closely with Security Engineering, IT, Risk, and Engineering leadership to mature our detection program, balancing the delivery of new capabilities with the operational rigor our customers and business depend on. You'll be a hands-on leader who can go deep on the work while also driving the roadmap, growing your team, and translating security priorities into engineering outcomes.
This role is based out of our NYC office. Below we've reflected the base salary range for this position. Actual salaries may vary depending on factors including but not limited to location, experience, and performance. The range listed is just one component of Betterment’s total compensation package for employees.
- New York City: $175,000 - $215,000
This job may also be eligible for variable compensation in the form of a company incentive bonus.
A Day in the Life:
- Detection Program Strategy: Help own, drive, and execute the Detection Engineering roadmap, balancing new capability development with the operational health of existing systems, including driving threat-informed, TTP-aligned detection development across the team.
- Detection Quality: Work with engineers and the business to maintain and refine the measurement framework for detection health, coverage, precision, false positive rates, and safe rollout practices, holding the team to a continuously improving bar.
- Threat Modeling: Set expectations for how the team engages with engineering and infrastructure partners on new systems, ensuring D&R requirements (telemetry, threat models, response playbooks) are defined before systems ship.
- Incident Response Leadership: Lead or oversee the team's response to security incidents, ensuring clear ownership, fast time-to-contain, and strong post-incident review practices.
- Team Leadership: Lead, mentor, and grow a team of detection engineers, investing in their craft and careers.
- External SOC Partnership: Partner with our external SOC to define scope, improve triage quality, and identify opportunities to hand off well-defined alert handling.
- Cross-functional Collaboration: Collaborate with IT, Risk, Compliance, and the broader Security Engineering team to understand security priorities and translate them into engineering work. Represent Detection Engineering across the organization, making security work legible to non-security teams and building strong stakeholder relationships.
- Engineering Quality: Hold a high bar for engineering quality, automated testing, proper observability, documented runbooks, and maintainable code.
- Compliance: Lead the team through audits (SOC 2, ISO 27001, etc.), ensuring detection infrastructure supports compliance evidence and control requirements.
What We're Looking For:
We are seeking a team member with 7+ years in security engineering or operations, with 2+ years managing security or detection engineering teams including senior engineers.
- Player-Coach: A track record as a true player-coach, comfortable going deep on technical problems while also leading people and programs.
- Detection Expertise: Strong background in SIEM platforms (Splunk preferred), detection-as-code practices, and threat-informed detection development including familiarity with adversary TTPs and frameworks like MITRE ATT&CK.
- Incident Response: Experience leading or overseeing incident response, including establishing IR playbooks and driving post-incident review practices.
- External SOC: Experience working with or managing an external SOC, including defining escalation paths and performance expectations.
- Cloud & Tooling: Familiarity with cloud environments (AWS), endpoint security (CrowdStrike or similar), and identity platforms (Okta or similar).
- Engineering Quality: Passion for engineering quality, you hold the team to the same standards as any product engineering team.
- Compliance: Experience collaborating with Compliance, Risk, and Audit teams on security controls and evidence collection.
- Communication: Clear, direct communicator who can translate security context for technical and non-technical audiences alike.
What being at Betterment means for you
We change lives
Join a community of innovators working to transform financial outcomes for real people. Your work will make an impact, always laddering up to our mission: making people's lives better.
We set audacious goals
We set them for the company, our customers, and ourselves—and we won’t stop until we reach them. We don’t just show up; we give our all, then celebrate our wins.
We value all perspectives
When we collaborate, we're at our best. We believe diverse perspectives lead to better outcomes and strive to uphold our supportive and inclusive community.
We invest in you with:
- A competitive suite of benefits, including: medical, dental, and vision insurance; life and AD&D insurance; STD and LTD benefits, including infertility support and World Professional Association for Transgender Health approved benefits; and generous parental leave.
- Flexible paid time off (and encouragement to use it!)
- Meaningful opportunity for community building through our 7 Employee Resource Groups
- Empowerment to own and lead change and affect the business
- Dedicated professional development opportunities
- Lunch from our in-house chef at our NYC headquarters
What happens next
We’ll take a few weeks to review all applications. If we’d like to spend more time with you, we’ll reach out to arrange next steps, which will include 3-4 sets of meetings with your future colleagues.
In the interview process, we’ll look to learn more about your skills, experiences, capabilities, and motivators. Many of our questions will be aimed at understanding how you might operate here at Betterment. Depending on the role, we may ask you to complete a case study exercise or technical assessments, as we want to collect a robust set of data points to better inform our decisions.
On average, it takes us around 3-5 weeks to make a hiring decision, depending on your availability and sense of urgency. As a best practice, we aim to interview at least 2-3 final round candidates before making a hiring decision. Please note that, as we usually receive an overwhelming number of applications for open positions, we’re unable to offer individual feedback during the interview process.
We recognize that interviewing for a new role is a big deal. We appreciate you considering Betterment as the next step in your career, and our Recruiting Team is here to support and advocate for you through the interview process!
_Betterment is dedicated to providing accommodations to candidates upon request. If you need accommodations at any point throughout the interview process, please reach out to your recruiter. _
Please note that in any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.
**Come join us! **
We’re an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. We strictly prohibit and do not tolerate discrimination against employees, applicants, or any other covered persons because of race, color, religion, creed, national origin or ancestry, ethnicity, sex, gender (including gender nonconformity and status as a transgender or transsexual individual), sexual orientation, marital status, age, physical or mental disability, citizenship, past, current or prospective service in the uniformed services, predisposing genetic characteristic, domestic violence victim status, arrest records, or any other characteristic protected under applicable federal, state or local law.
E-Verify Statement
Betterment participates in E-Verify. We will provide the Social Security Administration, and if necessary, the Department of Homeland Security, with information from each new employee’s Form I-9 to confirm work authorization. Please note that we do not use this information to pre-screen job applicants. E-Verify Notice E-Verify Notice (Spanish) Right to Work Notice Right to Work Notice (Spanish)
**CPRA Language - CA Applicants ONLY **
_We collect and store personal information for the purposes of candidate tracking (for this role and future opportunities). The information you provide in the course of completing your application will be kept for up to 24 months. We use tools provided by third-party service providers but do not share candidate information for any purpose other than for recruiting. To access the data that is collected, request deletion or to make updates to your candidate profile, please email _team.hire@betterment.com_. _