Manager, Security Engineering

Responsibilities

• Leads, hires, develops
• manages security engineers through coaching, performance management
• career development Develops and executes the team's security engineering roadmap, balancing risk reduction, operational effectiveness
• business objectives Develops and maintains security engineering services and controls that align with business objectives and industry best practices Recommends improvements to security policies, standards
• procedures that strengthen the organization's security posture, including encompassing and considering emerging risks such as AI adoption and use Works closely with leadership, teams
• cross-functional business groups to establish alignment on the security roadmap, plan and vision Uses business knowledge and contextual awareness to guide team technical decisions related to cloud security, application security, identity management
• emerging technologies Leads risk assessments, threat modeling, incident response
• security investigations related to production systems, cloud infrastructure
• new product initiatives Establishes and develops security vendor relationships to ensure effective and efficient supplier performance results Partners with Security, Compliance, Engineering
• IT stakeholders to support security awareness initiatives and promote secure engineering practices Partners with Compliance and Audit teams to support security controls, audit readiness, evidence collection
• remediation activities Drives adoption of DevSecOps practices, security automation, vulnerability management, secure code review processes
• secure-by-default engineering patterns Establishes operational metrics and reporting to measure the effectiveness of security controls, detection capabilities
• team performance Required Technical and Professional Expertise: 8+ years of experience in cybersecurity, cloud security, application security, infrastructure security
• related domains Bachelor's degree in Computer Science, Information Systems
• a related field or equivalent practical experience Experience with one or more modern programming or scripting languages (Python, Go, Java, Rust, Bash
• similar) Strong familiarity with software development lifecycle (SDLC) processes and source control technologies Strong understanding of DevSecOps, application security principles, secure software development practices
• modern software delivery environments Ability to create solutions that are scalable, repeatable, secure and maintainable Experience with risk assessment & analysis, emergency preparedness
• investigations/incident management Excellent communication and team relationship skills Experience with SIEM, security monitoring, threat detection, incident response
• observability platforms in cloud environments Experience securing cloud-native environments, containerized workloads, Kubernetes platforms, modern CI/CD pipelines
• associated controls including vulnerability management, secrets management
• workload protection Experience with identity and access management technologies such as Okta, SAML, OAuth, Descope
• OIDC, including authentication, authorization
• privileged access concepts Experience securing cloud platforms such as AWS and/or GCP, including IAM, network security, logging, monitoring
• cloud-native security services (AWS and GCP certifications are a plus) Experience with managing security programs and frameworks Experience implementing or operating security controls aligned with frameworks such as NIST CSF, SOC 2, HITRUST, ISO 27001
• CIS Controls CISSP and/or CISM certification is a plus Security is responsible for implementing security measures, monitoring suspicious activity
• taking immediate action against cyber threats through the incident response process and vulnerability management program.
• Additionally, Security monitors GoodRx’s organizational systems for end users’ activities from an information security perspective and correlates / analyzes logs to detect potential Events and Incidents.
• Lastly, the team works collaboratively with other departments to improve the organization’s security posture.
• At GoodRx, pay ranges are determined based on work locations and may vary based on where the successful candidate is hired.
• The pay ranges below are shown as a guideline
• the successful candidate’s starting pay will be determined based on job-related skills, experience, qualifications
• other relevant business and organizational factors.
• These pay zones may be modified in the future.
• Please contact your recruiter for additional information.
• San Francisco and Seattle Offices: $202,000.00 - $323,000.00 New York Office: $185,000.00 - $296,000.00 Santa Monica Office: $168,000.00 - $269,000.00 Other Office Locations: $151,000.00 - $242,000.00 GoodRx also offers additional compensation programs such as annual cash bonuses or commission
• annual equity grants for most positions as well as generous benefits.
• Our great benefits offerings include medical, dental, and vision insurance, 401(k) with a company match, an ESPP, unlimited vacation, 13 paid holidays, and 72 hours of sick leave.
• GoodRx also offers additional benefits like mental wellness and financial wellness programs, fertility benefits, generous parental leave, pet insurance, supplemental life insurance for you and your dependents, company-paid short-term and long-term disability, and more!
• We’re committed to growing and empowering a more inclusive community within our company and industry.
• That’s why we hire and cultivate diverse teams of the best and brightest from all backgrounds, experiences, and perspectives.
• We believe that true innovation happens when everyone has a seat at the table and the tools, resources, and opportunities to excel.
• With that said, research shows that women and other underrepresented groups apply only if they meet 100% of the criteria.
• GoodRx is committed to leveling the playing field
• we encourage women, people of color, those in the LGBTQ+ communities, individuals with disabilities
• Veterans to apply for positions even if they don’t necessarily check every box outlined in the job description.
• Please still get in touch - we’d love to connect and see if you could be good for the role!
• GoodRx is committed to providing reasonable accommodations for candidates with disabilities during our recruiting process.
• If you need any assistance or accommodations due to a disability, please reach out to us at accommodations@goodrx.com .
• We prioritize candidate safety.
• Please be aware that all official communication will only be sent from @ goodrx.com or goodrx@myworkday.com addresses.
• GoodRx is America's healthcare marketplace.
• The company offers the most comprehensive and accurate resource for affordable prescription medications in the U.S., gathering pricing information from thousands of pharmacies coast to coast, as well as a tele-health marketplace for online doctor visits and lab tests.
• Since 2011, Americans with and without health insurance have saved $60 billion using GoodRx and million consumers visit goodrx.com each month to find discounts and information related to their healthcare.
• GoodRx is the #1 most downloaded medical app on the iOS and Android app stores.
• For more information, visit www.goodrx.com .