Engineering Manager - Application Security

About Pantheon

Pantheon is the WebOps platform for websites that deliver extraordinary results. We believe in putting the magic of the internet in everyone’s hands. That’s why we’re so passionate about helping developers, IT and marketing develop, test, and release website changes faster and more reliably so they can build and maintain websites that create value for their organizations. Our cloud native software makes it easy to securely manage a single website or thousands of websites across multiple teams in one platform.

Pantheon’s core company values are Trust, Teamwork, Passion, and Customers First. At Pantheon, we work hard and play harder, valuing individuality, humor, and balance. We're enthusiastic participants in several open-source communities and have real relationships with many of our most active customers. If all of this sounds interesting to you, read on!

The Role

As the Engineering Manager for Application Security, you will play a pivotal role in ensuring the security of Pantheon Platform, safeguarding the thousands of websites hosted on Pantheon to create a safe and secure digital environment. This position holds paramount importance within the Pantheon Product and  Engineering organization, as you will collaborate closely with leaders across the organization. By leading initiatives in application security, you will contribute directly to the reliability and resilience of our services, fostering a robust security culture within our engineering teams. This role is not only about fortifying our defenses but also about championing innovation, implementing best practices, and staying ahead of emerging threats to uphold Pantheon’'s commitment to excellence in digital security. Join us in this exciting opportunity to shape the future of secure web hosting and make a lasting impact on the digital experiences of our diverse user base.

What you Need to Succeed

• Hire lead and manage a high-performing team of security engineers, fostering a positive and collaborative environment
• Develop and implement the company's security vision and roadmap, including a strong emphasis on "Shift Left" principles.
• Perform application security reviews to identify security issues and risks, and develop mitigation plans
• Advise and consult with internal customers on risk assessment, threat modeling, code review, and vulnerability remediation
• Drive the adoption of secure coding practices across the engineering organization through training, workshops, and mentorship.
• Investigate, respond and communicate  security incidents promptly and effectively, minimizing potential harm and ensuring swift resolution.
• Partner with other engineering teams to integrate security considerations into their product roadmaps, design decisions, and development processes.
• Cultivate a culture of security awareness and education within the organization through presentations, workshops, and knowledge sharing initiatives.
• Identify and recruit talented security champions across various teams to serve as ambassadors and advocates for security best practices.
• Stay current with the latest security threats, trends, and technologies, and actively explore innovative solutions for mitigating emerging risks.
• Develop and deliver security training and outreach to internal development teams
• Communicate effectively with stakeholders across all levels of the organization, providing clear and concise updates on security posture and initiatives.

What you Bring to the Table

• 10+ years of experience in information security or a related field.
• Significant experience and detailed technical knowledge in multiple areas of: security engineering, cryptography, and application security.
• Excellent leadership skills and teamwork skills.
• Results oriented, high energy, self-motivated
• Detailed knowledge of application security vulnerabilities and remediation techniques
• Proven experience leading and managing a team of security engineers.
• Deep understanding of "Shift Left" security principles and methodologies.
• Extensive knowledge of web application security, common vulnerabilities, and relevant security tools.
• Experience with secure coding practices and software development lifecycle (SDLC) integration.
• Excellent communication, collaboration, and problem-solving skills.
• Ability to work independently and prioritize effectively in a fast-paced environment.
• Strong passion for security and a desire to create a secure and resilient technology ecosystem.

What We Offer

We have all the usual perks and benefits but what we can really offer you is a fantastic work environment powered by an amazing team.

• Industry competitive compensation and equity plan
• Paid Time Off (PTO), Paid Sick Leave (PSL) and 11 Paid Company Holidays
• Full medical coverage (Extended health care, dental, vision)
• Top-of-line equipment
• Monthly allowance for wellness, reading and access to LinkedIn Learning for continued development
• Events and activities both team-based and company wide that inspire, educate and cultivate

Pantheon is an equal opportunity action employer and we welcome applications from all backgrounds regardless of race, color, religion, sex, national origin, ancestry, age, marital status, sexual orientation, gender identity, veteran status, disability, or any other classification protected by law. Pantheon complies with federal and local disability laws and makes reasonable accommodations for applicants and employees with disabilities. If you need a reasonable accommodation due to a disability for any part of the interview process, please contact [email protected]. Pursuant to local and federal regulations, Pantheon will consider qualified applicants with arrest and conviction records for employment.

To review the Employee and Applicant's Privacy Policy, click here.

Visa Sponsorship is not available at this time.