As our next Security Engineering Manager, you won't just be managing a technical function—you'll be at the helm of two of ActiveCampaign’s most critical security pillars: Security Operations and Security Engineering. You will lead and develop a small, focused team of engineers, serving as both a strategic mentor and a technical sounding board who can dive deep into architectural reviews.
This is a high-impact, player-coach role where you will architect the operational foundation for a mature, scalable security program. You’ll partner directly with leadership across Engineering, IT, and GRC to translate complex technical risks into tangible business outcomes, ensuring our cloud-first environment remains resilient as we scale. You will own our detection and response capability, drive cloud security posture across a complex AWS-first environment, and help build the operational foundation for a mature, scalable security program. This isn't just about closing tickets; it’s about shaping the future of our security posture and seeing your contributions directly impact ActiveCampaign's trajectory.
On a typical day, you might:
Lead and mentor a focused team of engineers across Security Operations and Security Engineering, setting clear technical directions and fostering growth paths that challenge even our most seasoned talent.Drive threat detection and incident response operations, evolving our "detection-as-code" practices to translate threat intelligence into durable, automated logic.Act as a strategic partner to Engineering and IT, providing developer-facing guidance to advance our cloud security posture and remediate vulnerabilities in our AWS-first environment.Own and mature our Zero Trust architecture, refining policy controls and DLP enforcement to stay ahead of the evolving SaaS threat landscape.Collaborate cross-functionally with Security Platform Engineering to enrich identity telemetry and close visibility gaps across our data pipelines.Represent the security organization in high-stakes conversations with executive stakeholders, distilling technical signals into clear, actionable business impact.Review and extend automation workflows using Python or SOAR platforms to ensure our small team operates with maximum efficiency and scale.
The ideal candidate will bring:
7+ years of hands-on experience in security engineering, security operations, or a combined discipline — with at least 2 years in a team lead or management capacity.Deep AWS cloud security expertise, including IAM policy analysis and the hands-on use of cloud-native tools like GuardDuty and CloudTrail.Strategic experience with modern security stacks, including EDR platforms, Zero Trust networking architectures, and the selection/implementation of SIEM solutions in cloud-native environments.Technical proficiency in Python for tooling, automation, and enrichment workflows — you don't need to write everything from scratch, but you can review and extend what the team builds.A proven ability to communicate technical risk to non-technical stakeholders, ensuring security initiatives are aligned with broader business goals.Familiarity with compliance-adjacent security work, such as mapping controls for SOC 2, GDPR, or HIPAA and managing security awareness programs.Familiarity with n8n, Tines, or similar SOAR/automation platforms for building detection and response workflows is a bonus.Prior experience in SaaS or high-growth technology companies, specifically operating within resource-constrained environments that require high ownership is preferred.
