[Remote] Security Engineering Manager
Note: This is a remote position open to candidates in the USA. Digital Harbor is an innovation-driven company committed to reshaping the future of enterprise applications. They are seeking a highly hands-on Manager of Security Engineering to lead and evolve the company’s security engineering function across their SaaS platform, cloud infrastructure, and internal operations.
Responsibilities
- Lead and mature Digital Harbor’s security engineering function across product, cloud, and operational security domains
- Serve as the primary security partner for engineering, product, infrastructure, and leadership teams
- Drive the adoption of scalable security-by-design practices throughout the software development lifecycle
- Establish practical and developer-friendly security standards, controls, and processes
- Lead hands-on security initiatives while helping shape longer-term security priorities and roadmap execution
- Improve the organization’s ability to detect, respond to, and mitigate evolving security threats
- Help build a strong security culture centered around collaboration, accountability, and enablement
- Influence security direction and operational maturity as the company continues to scale
- Drive security-by-design practices throughout the product development lifecycle
- Partner directly with engineering teams to improve application, API, and platform security
- Support secure development practices across CI/CD pipelines, microservices, and distributed systems
- Lead threat modeling and security review efforts for product features and platform initiatives
- Contribute to scalable DevSecOps practices focused on execution, automation, and developer enablement
- Help establish secure engineering standards and best practices across the organization
- Lead security initiatives across AWS and/or GCP cloud environments
- Define and implement scalable security controls for:
  - Infrastructure as Code (IaC)
  - Containers and Kubernetes environments
  - Cloud-native and distributed architectures
- Improve cloud security posture through automation, monitoring, and infrastructure hardening
- Partner with infrastructure and DevOps teams to reduce operational risk while minimizing developer friction
- Help ensure systems and security controls scale effectively alongside platform growth
- Lead security incident response efforts with hands-on involvement when required
- Improve detection, monitoring, investigation, and response capabilities
- Drive automation initiatives that improve operational efficiency and reduce manual effort
- Help establish repeatable operational security processes and response procedures
- Continuously evaluate and improve security controls against evolving threats and attack patterns
- Act as the primary internal leader for security engineering initiatives and operational security priorities
- Help shape the company’s evolving security roadmap in partnership with engineering and leadership teams
- Promote a culture where security is viewed as a shared responsibility and business enabler
- Mentor engineers and advocate for secure engineering practices across teams
- Help identify future security staffing, tooling, and process needs as the organization scales
- Build strong cross-functional relationships across engineering, product, operations, legal, and leadership
- Support and help operationalize SOC 2 and ISO 27001 security initiatives
- Assist with vendor and third-party security reviews and risk assessments
- Partner with Legal and Product teams on privacy and data protection initiatives
- Help maintain practical, risk-based security processes that support business growth without unnecessary bureaucracy
- Contribute to security documentation, standards, and policy development where appropriate
Skills
- 6–9 years of experience in cybersecurity, preferably within SaaS or product-focused organizations
- Background in one or more of the following: Security Engineering, DevSecOps, Cloud Security, Application Security, Security Architecture
- Experience operating within modern cloud-native and distributed environments
- Proven ability to partner effectively with engineering and platform teams
- Experience leading cross-functional security initiatives and influencing technical decision-making
- Ability to balance security best practices with operational efficiency and development velocity
- Cloud Security (AWS / GCP)
- DevSecOps and CI/CD Security
- Infrastructure as Code (Terraform preferred)
- Security Engineering and Automation
- Detection & Response Engineering
- Security Operations and Incident Management
- Application Security and API Security
- Vulnerability Management and Threat Modeling
- Strong ownership mentality with a builder mindset
- Hands-on, execution-oriented, and highly collaborative
- Comfortable operating in evolving and fast-moving environments
- Strong communication skills across technical and non-technical audiences
- Pragmatic approach to balancing security, scalability, and business objectives
- Ability to influence without excessive process or bureaucracy
- Bias toward action, operational improvement, and measurable outcomes
- Experience with modern security tooling, automation platforms, and cloud-native security solutions
- Familiarity with AI-related security risks and emerging threat landscapes
- Experience securing SaaS products and modern cloud-native applications
- Experience working with distributed or remote engineering organizations
Company Overview