Engineering Manager, Security – Blue Team

November 12

🗽 New York – Remote

Although this job is listed in New York, this company may be open to hiring remote in other states.

💵 $161k - $220k / year

⏰ Full Time

🟠 Senior

🔴 Lead

👮‍♀️ Software Engineering Manager

Apply Now

Receive Emails with Similar Jobs

Olo

WebsiteLinkedInAll Job Openings

SaaS • eCommerce • B2B

Olo is a restaurant technology platform that helps restaurants streamline their operations, enhance guest experiences, and increase sales. It provides comprehensive solutions for online ordering, delivery, catering, payment processing, and guest engagement through its fully integrated systems. Olo enables restaurants to leverage guest data to improve marketing strategies and optimize service through features like the Guest Data Platform and personalized marketing solutions. By using Olo, restaurants can manage digital orders, reduce fraud, and benefit from insights that drive growth and profitability. With a focus on online sales and customer relationship management, Olo partners with over 700 restaurant brands to enhance their digital capabilities and facilitate profitable growth.

501 - 1000 employees

Founded 2005

☁️ SaaS

🛍️ eCommerce

🤝 B2B

💰 $103.3M Post-IPO Equity on 2021-11

📋 Description

• Guide and coach Olo’s Blue Team on Information Protection, Incident Detection and Response and Service Delivery • You will recruit, develop and scale a team of world class security engineers; providing strategic and tactical oversight to the team and the program • Support a team of security engineers and analysts who hunt, detect, and respond to internal and external threats • Collaborate with customers and partners to strengthen their security posture • Drive ongoing optimizations by implementing new technologies, replacing technologies, addressing evolving threats, scaling practices and automating security activities • Ultimately you will keep team member and customers data safe by identifying and mitigating vulnerabilities and risks by providing actionable guidance to product teams • Lead Olo’s Information Protection program including the selection, testing, implementation and maintenance of security tools and services, security awareness, service provider management and the ongoing testing of those controls • Oversee Vulnerability Management program including vulnerability assessments, risk scoring and vulnerability resolution • Oversee Threat Hunting program to detect and mitigate advanced threats • Manage non-event driven security reviews, including concept reviews, design reviews, patching, firewall rules and system configuration checks • Apply Web application and API security principles and techniques, such as zero trust, RBAC, authentication, authorization, auditing, rate limiting, challenges, etc., to protect our cloud-based services from unauthorized access and abuse • Oversee Incident Detection and Response program including ownership of incident response processes, tools and services and the ongoing continuous improvement of those controls • Coordinate the detection and response to attacks through all incident phases • Ensure incident reports are accurate, detailed and relevant • Monitor, detect, and remediate misconfigurations and security risks across our cloud environments • Participate in a 24/7 on-call rotation • Oversee Security Services program including security support requests, risk assessments, vendor assessments, PCI and SOC audit support and service provider management

🎯 Requirements

• 8+ years of Security Engineering, Security Operations or Security Architecture experience with 2+ years in management • CISSP, GCIH or similar certification preferred • Experience managing distributed teams consisting largely of remote engineers • Experience complying with PCI-DSS and other compliance and regulatory standards • Experience with attacker tactics, techniques and procedures • Knowledge of information technology, evolving threats, attack patterns, incident response and cyber security standards • Experience developing and leading incident response, remediation and mitigation activities, and providing status updates and reports • Experience analyzing security events to discern events that qualify as a legitimate security incident as opposed to non-incidents (ie. incident investigation, implementing countermeasures, and conducting incident response) • Deep understanding of operating system, networking and application concepts • Experience hardening Windows, MacOS, Linux Containers and Kubernetes • Familiarity with AWS security best practices and Infrastructure-as-Code • Experience deploying and maintaining security technologies (e.g. Access Proxies, API Gateway, Anti-Malware, Application Control, Cloud Security Posture, Data Leak Prevention, Data Mapping, Endpoint Detection & Response, Intrusion Detection System, File Integrity Monitoring, Firewalls, Mobile Device Management, Multi Factor Authentication, SIEM, Static Inspection, Vulnerability Assessment, Web Proxies, WAF and Zero Trust) • Adept at working with internal Product & Engineering, Legal, People & Culture, Finance and GTM teams and external partners, auditors and customers • Ability to work during critical incidents or to support coverage requirements

🏖️ Benefits

• 20 days of paid time off • 10 sick days • 11 holidays • Year-end closure • Health, dental, and vision coverage for yourself and your family • 401k match • Remote-office stipend • Generous parental leave plan • Volunteer time off • Gift matching policy