Engineering Manager, Security
Overview
EvenUp is a rapidly growing SaaS company dedicated to closing the justice gap through technology and AI. We empower personal injury lawyers and victims to achieve fair settlements and payouts. Our mission is to provide innovative solutions that benefit both law firms and their clients.
Responsibilities
Own the Security Strategy: Define and execute EvenUp's security roadmap across product security, infrastructure, AI, corporate IT, and risk management.
Build & Grow the Team: Lead and mentor our growing Security & IT team, hire exceptional people, and help scale the function as the company grows.
Build Security Into the Product: Partner closely with Engineering to embed security throughout the SDLC through threat modeling, secure design reviews, vulnerability management, penetration testing, and practical security guidance.
Protect Our Infrastructure: Own our cloud and corporate security posture across AWS, IAM, endpoint security, MDM, SSO, and identity systems. Evaluate security tooling and make thoughtful build-versus-buy decisions.
Lead Risk & Compliance: Own our SOC 2 Type II and HIPAA programs end to end, including audit readiness, policy management, incident response, vendor security, and third-party risk in partnership with Legal.
Build a Security-First Culture: Coach engineers and business teams, promote security best practices, and help build a culture where security is everyone's responsibility.
Requirements
Experience building or scaling security programs at a startup or high-growth company.
Strong technical depth across cloud security, IAM, endpoint security, secure SDLC, and modern security tooling.
Experience partnering closely with engineering teams on application and product security.
Hands-on ownership of SOC 2, HIPAA, or similar compliance programs.
Experience leading and developing technical teams while remaining close to the work.
A collaborative approach that helps teams move quickly while making smart security decisions.
Curiosity about AI and an interest in helping shape security as AI continues to evolve.
A builder mentality - you enjoy rolling up your sleeves, solving problems, and creating systems that will scale with the business.
Qualifications
Experience with security tools such as AWS, Azure, Google Cloud, and security frameworks like OWASP, CIS benchmarks, NIST, etc.
Experience with security standards and regulations such as SOC 2, HIPAA, GDPR, PCI-DSS, etc.
Experience with security architecture and design principles.
Experience with security operations and incident response.
Experience with security governance and compliance.
Experience with security training and awareness programs.
Benefits & Perks
Choice of medical, dental, and vision insurance plans for you and your family.
Additional insurance coverage options for life, accident, or critical illness.
Flexible paid time off, sick leave, short-term and long-term disability.
10 US observed holidays, and Canadian statutory holidays by province.
A home office stipend.
401(k) for US-based employees and RRSP for Canada-based employees.
Paid parental leave.
A local in-person meet-up program.
Hubs in San Francisco and Toronto.