Security Engineering Manager - Remote

Posted 1 week ago
DevOps / Sysadmin
Full Time
USA
200000 - 240000 USD/year

Overview

We are looking for a Security Engineering Manager to lead our GRC team. You will be responsible for developing and implementing strategies to ensure we get and maintain industry certifications, as well as liaising with other teams delivering parts of our overall security posture. The ideal candidate will have a proven track record of building, implementing and improving the maturity of security programs in Cloud-based SaaS organizations and possess excellent leadership and communication skills. You must have significant engineering acumen as this is a highly technology-driven role.

In Short

  • Lead our security assurance team covering a range of areas, including certifications, application security, cloud security, and internal tooling development.
  • Develop, implement, and maintain security assurance programs to ensure compliance with organizational and regulatory requirements (e.g., ISO 27001, SOC 2, GDPR, NIST, PCI-DSS).
  • Conduct security assessments and audits of systems, networks, applications, and vendors to identify vulnerabilities and ensure mitigation efforts are effective.
  • Drive how Grafana implements automation to ensure compliance (verify Compliance as Code).
  • Define, optimize, and implement the engineering strategy in concert with the security leadership team, ICs and stakeholders across the business.
  • Regular 1:1s, coaching and mentoring to ensure your team members are motivated, happy and engaged.
  • Collaborate with cross-functional teams to integrate security controls into the software development lifecycle and operational processes.
  • Work closely with legal and compliance teams to manage security certifications and regulatory obligations.
  • Contribute to and review design documents for upcoming projects.

Requirements

  • Compliance Automation (Compliance-as-Code):
    • Proven expertise in automating security compliance processes using tools, scripts, and frameworks (e.g., Terraform, Ansible, or custom scripts).
    • Experience integrating compliance checks into CI/CD pipelines to ensure ongoing adherence to security policies and standards.
    • Ability to develop and maintain Infrastructure as Code (IaC) configurations that align with organizational security and regulatory requirements.
  • Certifications and Standards Expertise:
    • Deep understanding of industry-recognized security frameworks, standards, and certifications, such as ISO 27001, SOC 2, PCI DSS, NIST, or GDPR.
    • Demonstrated experience in conducting gap analyses, preparing for audits, and ensuring compliance with relevant security certifications.
    • Knowledge of emerging trends and updates in compliance standards to ensure continuous alignment with best practices.
  • Project and Deadline Management:
    • Strong capability to manage multiple complex projects and deadlines simultaneously, ensuring timely delivery of security and compliance objectives.
    • Proficiency in using project management tools and methodologies (e.g., Agile, Kanban, or Gantt charts) to track progress and coordinate with cross-functional teams.
    • Skilled in prioritizing tasks based on risk, impact, and organizational goals, maintaining focus under tight timelines.
  • Technical Security Expertise:
    • A solid foundation in security principles, architecture, and risk management.
    • Hands-on experience with security tools (e.g., vulnerability scanners, SIEM platforms, and compliance reporting tools).
    • Ability to assess, report, and remediate security vulnerabilities in a fast-paced environment.
  • Collaboration and Communication:
    • Strong interpersonal skills to collaborate with diverse stakeholders, including engineers, compliance officers, and leadership teams.
    • Clear and effective communication of complex technical and compliance issues to non-technical audiences.
    • Experience in creating and delivering documentation, training, and awareness programs related to security assurance and compliance.
  • Problem-Solving and Innovation:
    • A proactive approach to identifying and solving compliance and security challenges.
    • Ability to innovate and improve existing processes, leveraging automation and modern tools to enhance efficiency.
  • Preferred Qualifications:
    • A degree in Computer Science, Information Security, or related field (or equivalent experience).
    • Hands-on experience in cloud environments (AWS, Azure, or Google Cloud) and their compliance frameworks.

Soft Skills:

  • Excellent communication and interpersonal skills to collaborate with technical and non-technical teams.
  • Strong problem-solving and analytical skills.
  • Ability to manage multiple projects simultaneously and meet deadlines in a fast-paced environment.
  • High attention to detail and commitment to maintaining confidentiality and integrity.

Bonus Points:

  • A technical background, ideally with programming or software engineering experience, before transitioning into security & leadership.
  • Working knowledge of Grafana Labs OSS projects and products.
  • Experience working with OSS communities.
  • Experience securing large-scale distributed systems.

In the USA, the base compensation range for this role is 200,000 USD - 240,000 USD. Actual compensation may vary based on level, experience, and skillset as assessed in the interview process. Benefits include equity, bonus (if applicable) and other benefits listed here.

*Compensation ranges are country specific. If you are applying for this role from a different location than listed above, your recruiter will discuss your specific market’s defined pay range & benefits at the beginning of the process.

Grafana Labs

Grafana Labs is a company deeply rooted in the open-source community, dedicated to advocating for developers and nurturing innovation through collaboration. With a focus on observability and telemetry, Grafana Labs empowers users to build and understand complex systems using their technology. The company values a vibrant, participatory community and encourages diverse participation, aiming to improve their open-source software (OSS) through education and engagement. Grafana Labs operates with a fully remote team, fostering a culture of learning and sharing, and is committed to enhancing user success through effective communication and technical support.
