Gruve

Engineering Infrastructure Security Manager

Gruve • India
Go • Python • Hybrid

About Gruve

Gruve is an innovative software services startup dedicated to transforming enterprises into AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to help our customers use their data to make more intelligent decisions in support of their business strategies. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks.

About the Role

We are seeking an experienced Engineering Infrastructure Security Manager to lead the security of our production and non-production engineering systems. This is a critical leadership role responsible for securing the infrastructure that powers the software development lifecycle, including source control systems, CI/CD pipelines, build environments, deployment platforms, developer tools, and associated cloud resources. The ideal candidate will bring deep technical expertise in infrastructure security, strong leadership capabilities, and a solid understanding of modern engineering and DevSecOps practices.

 

Key Responsibilities

Engineering Systems Security

  • Design and implement security controls across development, staging, testing, and production environments
  • Secure CI/CD pipelines, build systems, and deployment automation against supply chain threats
  • Manage security for source control systems, code repositories, and secrets management platforms
  • Oversee security of containerized environments (Docker, Kubernetes) and IaC ecosystems
  • Ensure security across multi-cloud environments (AWS, GCP, Azure) and hybrid infrastructure

Security Architecture & Technical Leadership

  • Design and implement security frameworks aligned with engineering workflows and developer productivity
  • Implement zero-trust architecture and least-privilege access models
  • Secure API gateways, service meshes, and microservices architectures
  • Lead security initiatives across observability, logging, and monitoring platforms
  • Strengthen network security posture including firewalls, VPCs, and segmentation

Risk Management & Vulnerability Response

  • Conduct security assessments and penetration testing across engineering systems
  • Manage vulnerability scanning and remediation programs
  • Develop threat models for critical systems and deployment pipelines 
  • Lead incident response for infrastructure security events
  • Track and analyze security metrics (deployment security, configuration compliance, infra drift)

Team Leadership & Collaboration

  • Build, mentor, and manage a high-performing team of security engineers
  • Drive a “security as code” culture across engineering teams
  • Collaborate with platform, SRE, and development teams to embed security into the SDLC
  • Provide training and guidance on secure infrastructure practices
  • Foster a culture of security awareness and proactive risk reporting

Policy, Compliance & Governance

  • Define and enforce security policies aligned with SOC 2, ISO 27001, NIST, PCI-DSS
  • Ensure compliance with data protection regulations (GDPR, CCPA)
  • Implement strong access control mechanisms and RBAC (must-have)
  • Conduct regular audits and maintain compliance documentation
  • Manage security for production data access and handling

Automation & Continuous Improvement

  • Drive automation of security monitoring, controls, and incident response
  • Implement security-as-code using Terraform, CloudFormation, and policy frameworks
  • Integrate automated security testing into CI/CD pipelines (SAST, DAST, container scans)
  • Maintain infrastructure security baselines and automated compliance checks
  • Continuously reduce security technical debt

Business Continuity & Disaster Recovery

  • Design and test disaster recovery plans for engineering infrastructure
  • Implement backup strategies for source code, artifacts, and configurations
  • Ensure high availability and resilience of critical systems
  • Support incident response and business continuity planning from a security perspective

 

Basic Qualifications

Technical Expertise

  • 8–12 years of experience in infrastructure security or related fields, with 3+ years in a leadership role
  • Strong expertise in cloud security (AWS, GCP, Azure) and cloud-native architectures
  • Hands-on experience with Kubernetes, containers, and orchestration platforms
  • Deep understanding of CI/CD security, supply chain security, and DevSecOps practices
  • Proficiency with Infrastructure-as-Code tools (Terraform, Ansible, CloudFormation)
  • Experience with security tools: SIEM, vulnerability scanners, IDS/IPS, endpoint protection
  • Strong knowledge of network security, encryption, IAM, and secrets management

Leadership & Collaboration

  • Proven experience building and managing high-performing security teams
  • Experience driving cross-functional initiatives across engineering, operations, and product teams
  • Strong project management and execution skills
  • Ability to mentor and grow security talent

Communication & Strategic Thinking

  • Strong communication skills with the ability to explain complex concepts to technical and non-technical stakeholders
  • Experience presenting security strategies and risk insights to leadership
  • Ability to translate business needs into security solutions
  • Strong documentation and process definition skills

Compliance & Risk Management

  • Experience with compliance frameworks: SOC 2, ISO 27001, NIST, PCI-DSS
  • Strong understanding of risk assessment and security frameworks
  • Knowledge of data privacy and regulatory requirements

 

Preferred Qualifications

  • Bachelor’s or Master’s degree in Computer Science, Information Security, or related field
  • Security certifications such as CISSP, CISM, CCSP, CEH, or cloud security certifications
  • Experience with GitOps workflows and tools like GitHub Advanced Security or GitLab Security
  • Proficiency in scripting/programming (Python, Go, Bash) for automation
  • Experience in regulated industries (finance, healthcare, government)
  • Background in SRE or DevOps practices
  • Experience securing microservices and serverless architectures
  • Strong interest in security research and evolving threat landscapes

Why Gruve

At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you.

Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.