Manager, Security Engineering

About Demandbase: 

Demandbase is the Smarter GTM™ company for B2B brands. We help marketing and sales teams overcome the disruptive data and technology fragmentation that inhibits insight and forces them to spam their prospects. We do this by injecting Account Intelligence into every step of the buyer journey, wherever our clients interact with customers, and by helping them orchestrate every action across systems and channels - through advertising, account-based experience, and sales motions. The result? You spot opportunities earlier, engage with them more intelligently, and close deals faster. 

As a company, we’re as committed to growing careers as we are to building world-class technology. We invest heavily in people, our culture, and the community around us. We have offices in the San Francisco Bay Area, New York, Seattle, and teams in the UK and India, and allow employees to work remotely. We have also been continuously recognized as one of the best places to work in the San Francisco Bay Area.

We're committed to attracting, developing, retaining, and promoting a diverse workforce. By ensuring that every Demandbase employee is able to bring a diversity of talents to work, we're increasingly capable of living out our mission to transform how B2B goes to market. We encourage people from historically underrepresented backgrounds and all walks of life to apply. Come grow with us at Demandbase!

About the Role:

Demandbase is seeking a creative, highly motivated, enthusiastic security engineering manager to be a part of our product security team. You will work in a fast paced agile environment to build and deliver key security objectives for the company. This is a great opportunity to work with a talented, high energy and creative team focused on building and securing world-class products. We welcome people from all backgrounds who seek the opportunity to help build a future where everyone and everything can move securely and independently. If you have the curiosity, passion, and collaborative spirit, work with us, and let’s move the world forward together. We're looking for people who are excellent at fundamentals, have willingness to learn, and have an unstoppable desire to follow through with the job. Our technology stack is primarily in Java/Javascript and while experience with these languages is great, it's not a necessity.

What you'll be doing:

• Manage and lead a team of security engineers while being a hands-on security engineer.
• Demonstrate technical leadership in multiple security domains pertinent to product and cloud security such as secure SDLC, security-at-scale, infra-as-code, security-as-code, etc.
• Partner with engineering, infrastructure and risk managers to track and remediate vulnerabilities and manage remediation SLAs.
• Provide thought-leadership and tactical support to drive reduction in cyber security risks based on control environments and implementation.
• Support the security monitoring and incident response process and coordinate activities and actions across the organization for effective and timely response to incidents.
• Provide tactical support and strategic guidance for stakeholders to monitor and review security alerts and lead efforts to mitigate threats via proactive engineering and remediation efforts.
• Act as a technical subject matter expert for alignment with cloud secure reference architecture and automated remediation of cloud misconfigurations and vulnerabilities in close partnership with product and Infrastructure teams.
• Contribute to organizational standards and best practices along with shift-left, self-service focused security automation and improvements in our CI/CD pipeline

What we're looking for:

• 2+ years of engineering management and agile development experience
• 5+ years of equivalent relevant experience of software engineering and security practitioner, ideally in public cloud environments
• Ability to integrate/implement secure SDLC in all phases of product development such as ideation/conception, design and architecture, coding/development, QA/UAT, deployment and deprecation/EOL phases
• Hands on experience with multiple computer programming languages such as Golang, Python, Java, Javascript, Scala
• Good understanding of complexities and security challenges in large-scale distributed systems and multi-cloud environments
• Experience with building, operating, supporting security-at-scale in one or more cloud platforms such as AWS, GCP, Azure
• Working knowledge of cloud orchestration systems such as Kubernetes, Docker, Helm, Terraform
• You should be self-motivated and willing to delve into new areas and take new challenges in an enthusiastic manner
• Excellent written and verbal communication skills; fluent in English
• Strong interpersonal, team building, coaching and mentoring skills
• Certifications in product, application, and cloud architecture & security are great to have, but direct experience in these areas may also be sufficient to demonstrate competency. 

Personal information that you submit will be used by Demandbase for recruiting and other business purposes. Our Privacy Policy explains how we collect and use personal information.