Jobs · Information Technology

Manager, Security Engineering

GoodRx · United States · 2 wk ago
RemoteRemoteInformation Technology$202k–$323k/yrFull-time

Responsibilities

  • Leads, hires, develops, and manages security engineers through coaching, performance management, and career development
  • Develops and executes the team's security engineering roadmap, balancing risk reduction, operational effectiveness, and business objectives
  • Develops and maintains security engineering services and controls that align with business objectives and industry best practices
  • Recommends improvements to security policies, standards, and procedures that strengthen the organization's security posture, including encompassing and considering emerging risks such as AI adoption and use
  • Works closely with leadership, teams, and cross-functional business groups to establish alignment on the security roadmap, plan, and vision
  • Guides team technical decisions related to cloud security, application security, identity management, and emerging technologies
  • Establishes and develops security vendor relationships to ensure effective and efficient supplier performance results
  • Partners with Security, Compliance, Engineering, and IT stakeholders to support security awareness initiatives and promote secure engineering practices
  • Partners with Compliance and Audit teams to support security controls, audit readiness, evidence collection, and remediation activities
  • Drives adoption of DevSecOps practices, security automation, vulnerability management, secure code review processes, and secure-by-default engineering patterns
  • Establishes operational metrics and reporting to measure the effectiveness of security controls, detection capabilities, and team performance

Requirements

  • 8+ years of experience in cybersecurity, cloud security, application security, infrastructure security, or related domains
  • Bachelor's degree in Computer Science, Information Systems, or a related field or equivalent practical experience
  • Experience with one or more modern programming or scripting languages (Python, Go, Java, Rust, Bash, or similar)
  • Strong familiarity with software development lifecycle (SDLC) processes and source control technologies
  • Understanding of DevSecOps, application security principles, secure software development practices, and modern software delivery environments
  • Experience with risk assessment & analysis, emergency preparedness, and investigations/incident management
  • Excellent communication and team relationship skills
  • Experience with SIEM, security monitoring, threat detection, incident response, and observability platforms in cloud environments
  • Experience securing cloud-native environments, containerized workloads, Kubernetes platforms, modern CI/CD pipelines, and associated controls including vulnerability management, secrets management, and workload protection
  • Experience with identity and access management technologies such as Okta, SAML, OAuth, Descope, and OIDC, including authentication, authorization, and privileged access concepts
  • Experience securing cloud platforms such as AWS and/or GCP, including IAM, network security, logging, monitoring, and cloud-native security services (AWS and GCP certifications are a plus)
  • Experience with managing security programs and frameworks
  • Experience implementing or operating security controls aligned with frameworks such as NIST CSF, SOC 2, HITRUST, ISO 27001, or CIS Controls
  • CISSP and/or CISM certification is a plus

Qualifications

  • Security is responsible for implementing security measures, monitoring suspicious activity, and taking immediate action against cyber threats through the incident response process and vulnerability management program.
  • Security monitors GoodRx’s organizational systems for end users’ activities from an information security perspective and correlates / analyzes logs to detect potential Events and Incidents.
  • The team works collaboratively with other departments to improve the organization’s security posture.

Benefits

  • Pay ranges are determined based on work locations and may vary based on where the successful candidate is hired.
  • Additional compensation programs such as annual cash bonuses or commission, and annual equity grants for most positions as well as generous benefits.
  • Great benefits offerings include medical, dental, and vision insurance, 401(k) with a company match, an ESPP, unlimited vacation, 13 paid holidays, and 72 hours of sick leave.
  • Additional benefits like mental wellness and financial wellness programs, fertility benefits, generous parental leave, pet insurance, supplemental life insurance for you and your dependents, company-paid short-term and long-term disability, and more!

Similar jobs