Information Security Engineering Manager
United States of America
Full Time
2 hours ago
$114,000 - $182,000 USD
H1B Sponsor Likely
Key skills
Security Engineering ManagementNIST 800-171Security Platform EngineeringApplication Security EngineeringCloud Security EngineeringData Security EngineeringVulnerability ManagementAIMLData EngineeringSaaSSDLCLeadershipOWASPWAF
About this role
Southern New Hampshire University is a team of innovators dedicated to transforming lives through education. The Security Engineering Manager will lead a team of security engineers responsible for designing and operating security capabilities across the enterprise while ensuring alignment with security strategy and best practices.
Responsibilities:
- Recruit, develop, and retain a team of 8–10 security engineers across multiple disciplines, establishing clear career paths and technical growth opportunities
- Foster a culture of engineering excellence, operational thoughtfulness, learning, and shared accountability
- Set team goals and important results in consideration of the broader security strategy; track and communicate progress to leadership
- Conduct regular 1:1s, performance reviews, and skills assessments to ensure team health and readiness
- Define, build, and mature security engineering capabilities and partnerships spanning: Security Platform Engineering – deployment, integration, and lifecycle management of core security tooling (SIEM, EDR, WAF, IDS/IPS, firewalls, identity platforms)
- Application Security Engineering – partner with DevOps and application teams on secure SDLC, SAST/DAST tooling, developer security enablement, and vulnerability management integrations
- AI Security Engineering – partner with the AI team to design, assess, and operationalize security controls across the full AI/ML lifecycle, covering threat modeling, adversarial testing, secure architecture, access governance, output safety, and model protection
- Cloud & Infrastructure Security Engineering – partner with Cloud/Infrastructure teams on security controls for cloud-native environments (IaaS/PaaS/SaaS), infrastructure as code security, and workload protection
- Data Security Engineering – partner with Data Engineering, Data Governance, and Data Enablement teams on implementation and management of data loss prevention, encryption, database security, and privacy-aligned technical controls
- Lead the engineering roadmap for each sub-discipline, balancing near-term operational needs with long-term capability maturation
- Ensure engineering capability is aligned with NIST 800-171 and industry best practices
- Partner with the Security Architecture team to translate architectural patterns and security standards into implemented operational controls
- Collaborate with Infrastructure, Data Engineering, DevOps, and AI teams to adopt security by design/security by policy approach and embed security engineering into shared delivery pipelines and operational processes
- Be a technical escalation point and subject matter expert for complex, cross-domain security issues involving network, OS, application, and cloud layers
- Ensure engineered controls map to SNHU framework (NIST 800-171) and engineering outputs demonstrably reduce business risk
- Ensure audit readiness through repeatable, evidence-based engineering
- Support vulnerability management programs, threat modeling exercises, and security assessments by providing engineering-level context and remediation ownership
- Champion a 'security by design' philosophy — driving automation of repeatable processes, integrations, and security controls
- Set engineering standards for documentation, output quality, and peer review, within the security engineering function
- Manage vendor relationships and technology evaluations; provide technical guidance on tool selection, procurement, and configuration
- Other duties and responsibilities as assigned
Requirements:
- 7+ years of progressive experience in information security
- 3+ years in a technical leadership or security engineering management role
- Expertise leading and growing teams of security engineers or technical security practitioners
- Experience engineering and operating primary security platforms including firewalls, SIEM, EDR, IDS/IPS, WAF, and identity/access management tools
- Experience delivering multi-disciplinary security engineering programs in complex enterprise or cloud-native environments
- Experience Identifying, assessing, and prioritizing security risks to the business; translate risk findings into relevant engineering requirements
- Experience with NIST 800-171, OWASP, MITRE ATT&CK, and NIST CSF; experience mapping controls and benchmarking security posture