Senior Manager, Security Engineering

Vanta · Enterprise · U.S. · Remote · Security

Vanta is seeking a Senior Manager of Security Engineering to lead their Security Engineering team. This role involves defining application security strategy, implementing security protocols, and leveraging AI to improve team processes and the overall security program. The manager will also work with Engineering and Product Development teams to assess and mitigate risk, and provide expert feedback on product offerings. The role requires strong leadership in engineering-driven security, application security experience in a SaaS environment, familiarity with industry regulations, and experience using AI to enhance security processes.

What you'd actually do

  1. Lead and grow a team of the best security engineers in the world, with a view of security that is engineering-driven, human-centric, and trust-based.
  2. Help define the strategy for Vanta’s application security program, and empower the team to implement robust security protocols and stay ahead of emerging threats.
  3. Leverage AI to improve the efficiency of team processes and the maturity of the overall security program.
  4. Work with the Engineering and Product Development team to assess and communicate acceptable levels of risk, mitigate that risk, and help ensure that Vanta products are developed with security in mind.
  5. Provide, both individually and through your team, expert feedback to Vanta’s Product, Engineering, and Design teams on our product offerings and serve as a strong customer voice in product development.

Skills

Required

  • Strong leadership experience in engineering-driven security
  • Ability to lead a technical team from a foundation of transparency and trust
  • Strong application security experience
  • Implementing security controls in a SaaS environment
  • Familiarity with relevant industry regulations and standards (e.g., GDPR, ISO 27001, NIST 800-53)
  • Experience ensuring compliance
  • Experience with leveraging AI to improve security processes
  • Understanding of a wide range of security technologies
  • Ability to stay updated on latest cybersecurity threats and trends
  • Ability to guide and communicate technical direction for internal application security programs
  • Familiarity with common vulnerabilities like OWASP Top 10
  • Familiarity with security tooling such as SAST, DAST, and other application security testing technologies
  • Ability to assess and analyze security risks comprehensively
  • Ability to prioritize risk remediation with consideration to business goals and objectives
  • Ability to build trust and strong partnerships internally with Product, Engineering, and other teams toward security goals
  • Open to using AI to amplify their skills and strengthen their work

Nice to have

  • Prior security experience

What the JD emphasized

  • security should be monitored and verified continuously
  • strong security and compliance programs
  • security engineering
  • application security program
  • robust security protocols
  • emerging threats
  • security in mind
  • trust-based, human-centric security culture
  • Security Engineering and Security Operations Team Principles
  • application security experience
  • SaaS environment
  • industry regulations and standards
  • leveraging AI to improve security processes
  • cybersecurity threats and trends
  • internal application security programs
  • common vulnerabilities
  • security tooling
  • application security testing technologies
  • security risks comprehensively
  • business impact
  • technical impact
  • risk remediation
  • business goals and objectives
  • build trust and strong partnerships
  • security goals
  • using AI to amplify their skills
  • strengthen their work
  • applying AI responsibly