We're looking for an experienced Engineering Manager to manage our Product Security group.
At Zapier, security is part of how we create customer value. This group is helping our engineering organization to build security into our products on a secure-by-default infrastructure. It is a combination of talented, hands-on Application Security and Cloud Security engineers.
While reporting to the Head of Security, you'll get to impact every engineering team in the organization and use a broad set of technologies. Maintaining excellent relationships and communicating effectively with teams will be crucial to success.
You'll also get a chance to work with a growing community of Security Champions, helping them advance their knowledge and influence the engineering organization through them.
Things We've Done Recently:
- Implemented a comprehensive Cloud Security Posture Management system
- Rolled out a training platform for our Security Champions
- Deleted all our IAM users to rely on SSO instead
- Implemented a successful bug bounty program
- Conducted dozens of threat modeling sessions
If you’re interested in advancing your career in Cybersecurity at a fast-growing, profitable, impact-driven company, then read on…
You are an effective team builder. This isn't your first leadership role, and you've been in a direct leadership role for at least two years. You understand the benefits of building a diverse and inclusive engineering team. You may not have hired or managed hundreds of people before, but you have hired, trained, and managed at least a few engineers.
You’re a product thinker. As an Engineering Manager, you’ve worked to set goals, metrics, and a strategy for a product-focused Engineering team. You push your team to prioritize impactful work to meet the company’s goals.
You can keep track of, prioritize, and lead multiple projects. You have experience leading projects in Scrum. We're a small team, and there's no shortage of things you could be doing in a day. You'll carve out time for projects and make sure they solve real problems the team faces.
You have excellent communication skills. You regularly work with engineers and other stakeholders from various disciplines, balancing engineering concerns such as technical debt with product concerns. Ideally, you find solutions that address both the team and user needs but if not, help build understanding around difficult decisions.
You have a background in or strong interest in Cybersecurity. You don't need to be a security expert, but you are familiar with concepts like DevOps/DevSecOps, OWASP, and security tooling.
You have empathy for our customers and our engineers who use our systems and are eager to make improvements for them. You seek to reduce toil and understand what it means to take a software engineering approach to security.
Things you’ll do
Zapier is a fast-growing and remote-first company, so you'll likely get experience on many different projects across the organization. That said, here are some things you'll probably do:
- You'll work with other Engineering Managers to ensure they are aware of their systems' security posture and risks and that they receive the necessary support from your group to improve.
- You’ll cultivate your team's talents to implement security solutions that are readily available to our software engineers, don't slow them down, and provide actionable recommendations. We look for the solution that automates the problem away, not the one that requires manual effort.
- Work within an Agile framework to provide the common infrastructure and developer infrastructure that enables Zapier engineering.
- Your teams are working on multiple projects at the same time, so you have to prioritize and juggle resources accordingly.
- Execute and deliver on the strategic vision of Product Security by identifying and delivering relevant backlog items.
- Collaborate across various disciplines (Product Managers, Designers, Researchers) to help set technical roadmaps that will achieve business goals through engineering best practices.
- Develop effective ways to communicate, monitor, and lead your team through weekly one-on-one’s and team meetings.
- Build rapport with each member of the Product Security group and support them through coaching and mentorship to help level up their skills.
- Actively recruit, onboard, and train new engineers at Zapier. This might involve tweaking the skills portions of interviews or writing better documentation.
- Act as a second-in-command for the Head of Security.
The Whole Package
Location: Americas-East, Western EMEA
Our fully remote, distributed environment enables us to work with awesome people from around the world. Our team members work from 38 different countries. We generally hire based on time zones and try to keep teams together by making sure that every Zapien overlaps with their manager & teammates for at least a few hours a day.
- Competitive salary and bonus program
- Equity for All: Stock options (or equivalent) for every Zapien
- Healthcare + dental + vision coverage*
- Fertility and Adoption Assistance
- Retirement plan with 4% company match*
- $2,000 annual learning stipend for use on courses, conferences, and more—your choice
- Annual all-company retreat
- 14 weeks paid leave for new parents of biological or adopted children
- Customized Zapiversary rewards on your 1, 3, 5, 7 and 10 year work anniversaries
- Leading-edge equipment. We set you up with an Apple laptop and provide an additional budget for you to choose other home office accessories and software you may need.
- Take the time you need to renew. We encourage Zapiens to take at least 10 days off each year. Most of us take 25 days off per year for vacation & holidays, plus whatever sick time we need.
- Opportunity to work with Zapier’s amazing partners network