Security Product Engineering Manager

ActiveCampaign is the autonomous marketing platform for people at the heart of the action. They are seeking a Security Product Engineering Manager to lead a team responsible for authentication and authorization services, drive the consolidation of identity services, and enhance platform security.

Responsibilities:

• Lead and develop a team of senior and staff-level engineers — provide hands-on technical mentorship, clear prioritization, and career development that keeps strong ICs engaged
• Spearhead the migration and standardization of identity services onto a centralized platform, partnering with Platform Engineering on the long-term architecture
• Drive operational excellence by hardening the existing identity stack, reducing incident frequency, and building the observability and rigor necessary to run mission-critical infrastructure
• Participate in architectural and code reviews — you should be able to evaluate an identity flow, review a platform configuration, or debug a token validation issue alongside your engineers
• Partner with engineering teams across the organization to improve their integration experience with identity services — better documentation, clearer APIs, faster onboarding
• Collaborate with security and compliance teams to ensure identity architecture supports regulatory requirements and fraud prevention initiatives
• Shape the security culture by moving the team toward broader platform security concerns, establishing secure development patterns that allow other engineering teams to build with confidence
• Represent the team in incident reviews and cross-functional planning, translating high-level security trade-offs for non-technical audiences without losing the underlying substance

Requirements:

• 5+ years of hands-on software engineering experience with significant depth in identity, authentication, or authorization systems—you have built and operated these systems at scale
• 3+ years of engineering management experience leading engineers (not just tech-leading projects) — you know how to run effective 1:1s, give hard feedback, and create clarity in ambiguous environments
• Hands-on, current technical skills — you can read and review code, evaluate architecture decisions, and credibly challenge or support your team's technical direction
• Proven success in system consolidation, ideally having led the migration from legacy or bespoke auth implementations to standardized, centralized platforms
• Strong understanding of modern identity protocols and standards (authentication, authorization, federation, token-based architectures)
• Strategic vision to see beyond identity, with a background in infrastructure hardening and secure development lifecycles (SDLC)
• Strong communication skills — you can translate identity and security concepts for product managers, platform engineers, and executives without losing the technical substance
• Experience working in a SaaS environment with multi-tenant identity concerns and the security implications that come with them
• Familiarity with fraud-adjacent identity concerns: account takeover prevention, credential stuffing mitigation, adaptive authentication
• Background in platform or application security beyond identity — secure development lifecycle, infrastructure hardening
• You've built or significantly improved developer-facing documentation, SDKs, or integration guides for identity services
• Experience operating in a security organization that functions as an engineering team, not a compliance checkpoint