Manager, Security Engineering

🔥 1 minute ago

🏄 California, New York, +1 more states – Remote

🏄 California – Remote 🗽 New York – Remote ☕ Washington – Remote

💵 $151k - $323k / year

⏰ Full Time

🟠 Senior

🔴 Lead

👮‍♀️ Software Engineering Manager

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

GoodRx

WebsiteLinkedInAll Job Openings

501 - 1000 employees

Founded 2011

⚕️ Healthcare Insurance

💊 Pharmaceuticals

👥 B2C

💰 $100M Private Equity Round on 2020-09

Healthcare Insurance • Pharmaceuticals • B2C

GoodRx is a company that helps consumers in the United States save money on their prescription medications. They provide a platform that allows users to compare drug prices and find the lowest costs at pharmacies in their area. GoodRx aims to make prescription medications more affordable for individuals by offering discounts and coupons.

📋 Description

• Leads, hires, develops, and manages security engineers through coaching, performance management, and career development • Develops and executes the team's security engineering roadmap, balancing risk reduction, operational effectiveness, and business objectives • Develops and maintains security engineering services and controls that align with business objectives and industry best practices • Recommends improvements to security policies, standards, and procedures that strengthen the organization's security posture, including encompassing and considering emerging risks such as AI adoption and use • Works closely with leadership, teams, and cross-functional business groups to establish alignment on the security roadmap, plan and vision • Uses business knowledge and contextual awareness to guide team technical decisions related to cloud security, application security, identity management, and emerging technologies • Leads risk assessments, threat modeling, incident response, and security investigations related to production systems, cloud infrastructure, and new product initiatives • Establishes and develops security vendor relationships to ensure effective and efficient supplier performance results • Partners with Security, Compliance, Engineering, and IT stakeholders to support security awareness initiatives and promote secure engineering practices • Partners with Compliance and Audit teams to support security controls, audit readiness, evidence collection, and remediation activities • Drives adoption of DevSecOps practices, security automation, vulnerability management, secure code review processes, and secure-by-default engineering patterns • Establishes operational metrics and reporting to measure the effectiveness of security controls, detection capabilities, and team performance

🎯 Requirements

• 8+ years of experience in cybersecurity, cloud security, application security, infrastructure security, or related domains • Bachelor's degree in Computer Science, Information Systems, or a related field or equivalent practical experience • Experience with one or more modern programming or scripting languages (Python, Go, Java, Rust, Bash, or similar) • Strong familiarity with software development lifecycle (SDLC) processes and source control technologies • Strong understanding of DevSecOps, application security principles, secure software development practices, and modern software delivery environments • Ability to create solutions that are scalable, repeatable, secure and maintainable • Experience with risk assessment & analysis, emergency preparedness, and investigations/incident management • Experience with SIEM, security monitoring, threat detection, incident response, and observability platforms in cloud environments • Experience securing cloud-native environments, containerized workloads, Kubernetes platforms, modern CI/CD pipelines, and associated controls including vulnerability management, secrets management, and workload protection • Experience with identity and access management technologies such as Okta, SAML, OAuth, Descope, and OIDC, including authentication, authorization, and privileged access concepts • Experience securing cloud platforms such as AWS and/or GCP, including IAM, network security, logging, monitoring, and cloud-native security services (AWS and GCP certifications are a plus) • Experience with managing security programs and frameworks • Experience implementing or operating security controls aligned with frameworks such as NIST CSF, SOC 2, HITRUST, ISO 27001, or CIS Controls • CISSP and/or CISM certification is a plus

🏖️ Benefits

• medical, dental, and vision insurance • 401(k) with a company match • an ESPP • unlimited vacation • 13 paid holidays • 72 hours of sick leave • mental wellness and financial wellness programs • fertility benefits • generous parental leave • pet insurance • supplemental life insurance for you and your dependents • company-paid short-term and long-term disability