Descripción de la oferta
Experteer Overview As Cyber Security Lead at Manychat, you will head the security operations across AppSec, Infra Sec, and Endpoint Security, guiding a small team to protect a high-growth SaaS platform. You’ll define operational roadmaps, implement security tooling, and coordinate incident response and post-mortems, ensuring regulatory alignment and resilient infrastructure. You work closely with Infrastructure, IT, and Engineering to embed secure practices across the stack. This is an opportunity to shape security at scale for a globally used product.Compensaciones / Beneficios
- Lead and grow a team of AppSec, Infra Sec, and Endpoint Security engineers
- Own end-to-end security operations: detection, monitoring, incident response, remediation
- Define and execute roadmaps for Application Security, Infrastructure Security, and Endpoint/Office Security
- Drive adoption and administration of security tooling (EDR, SIEM, DAST/SAST, WAF, VPN, DNS security, Okta)
- Oversee cloud security posture across AWS environments
- Coordinate and lead security incident investigations including root cause analysis and post-mortems
- Partner with Infrastructure, IT Operations, and Engineering to implement security controls
- Maintain security documentation (runbooks, configurations, playbooks, procedures)
- Support SOC 2 and ISO 27001 compliance from the technical security side
- Represent cyber operations in cross-functional initiatives and strategic planningResponsabilidades
- 7+ years in technical security roles (AppSec, Infra Sec, or Endpoint Security)
- 3+ years in a lead or management role with direct reports
- Experience with developer security tooling: SAST, SCA, secrets scanning, and DAST integration into CI/CD pipelines
- Hands-on experience with security tooling: EDR, SIEM, DAST/SAST, WAF, VPN, DNS security
- Strong AWS cloud security knowledge: IAM/SSO, Security Hub, GuardDuty, CloudTrail, AWS Config
- Solid understanding of OWASP Top 10, SDLC security integration, and threat modelling
- Experience with endpoint security: macOS and Windows hardening, MDM (Jamf or Microsoft Intune)
- Ability to lead security incident response: coordinating teams and communicating findings
- Strong communication skills to translate security risk to non-technical stakeholders
- Fluent English written and spoken
- It would be great if you have: experience with SOC 2/ISO 27001 in SaaS; Okta or similar IAM; detection engineering and SIEM log analysis; digital forensicsRequisitos principales
- Hybrid onboarding with relocation support
- Comprehensive health insurance
- Professional development budget
- Flexible benefits package
- Hybrid work and generous leave
- In-office perks: free meals and snacks