Engineering Manager (Cybersecurity)

TL;DR

Engineering Manager (Cybersecurity): Leading the Security Engineering team, designing and building secure systems and practices for hirify.global's e-commerce platform with an accent on technical systems planning, secure practices design, and governance. Focus on proactive engagement with engineering and product organizations, project oversight, and security assessments to ensure safe and practical decisions.

Location: Hybrid team members are expected to work from our Chicago office 1-3 times per week, depending on team norms. Remote roles are currently only available within the U.S. except Alaska and Hawaii.

Salary: 171,000 - 223,000 USD per year

Company

hirify.global is the largest online marketplace dedicated to buying and selling new, used, and vintage musical instruments.

What you will do

• Manage security engineers and analysts, including day-to-day activities, sprint planning, and retrospectives.
• Collaborate with other engineering managers to achieve roadmap goals.
• Perform security reviews, audits, assessments, and remediation actions or reporting.
• Engage in technical architecture feedback and design reviews.
• Work hands-on with Git, DevOps, and security tools to bolster understanding with other technical teams.
• Advise on GRC, technical, and policy matters to engineering leadership.

Requirements

• 2+ years leading or supervising security teams.
• 2+ years of hands-on experience with AWS, Terraform, Helm, Kubernetes, or other generalized DevOps tooling.
• 4+ years of experience in the security domain with technical expertise or contributions.
• Track record of crafting, developing, and handling security projects.
• Ability to develop policy, process, and procedures to apply to engineering organizations.
• Experience with Detection and Response concepts with SIEM, EDR, Incident Management, IDS, and WAF like Cloudflare, Datadog, incident.io, etc.
• Experience with Vuln Management, CICD Security, BugBounty.
• Regulatory experience such as PCI, FEDRAMP, SOX, etc.
• Knowledge of Authentication, RBAC, and IAM systems like Okta, AWS SSO, etc.
• Experience with JIRA and Confluence.
• Experience with Git.

Nice to have

• Deep networking and threat modeling experience.
• Experience with AST tools like GHAS, Snyk, or ArmorCode.
• Experience with CrowdStrike platforms.
• Deep experience with GitHub and GitHub security controls.
• Hands-on experience with AWS EKS, Rancher, or other Kubernetes platforms.

Culture & Benefits

• 100% paid premiums for medical, dental, and vision coverage for the employee, spouse or domestic partner, and all eligible dependents.
• Life, AD&D, and supplemental long-and short-term disability insurance.
• A matching 401(k).
• A generous PTO policy that includes vacation, sick/mental health days plus 11 paid holidays and two floating holidays.
• Professional development and continued learning opportunities through access to mentoring, 1:1 coaching, and platforms like Skillsoft.
• 18 weeks of gender-neutral parental leave for the birth or adoption of a child.
• Up to $25,000 reimbursement of adoption and/or surrogacy related expenses.
• Paid sabbatical program.
• Annual work/life stipend.
• Ways to give back to your community through volunteer time off.