Director, Security Engineering (Remote - US)

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Director, Security Engineering in the United States.

This role provides an opportunity to lead and shape the security strategy for a large-scale, cloud-based platform serving hundreds of thousands of websites. You will manage a high-performing team of security engineers, implementing innovative practices to protect critical infrastructure and ensure compliance with standards like PCI-DSS and SOC2. This position offers the chance to influence security at the platform and application level, collaborating with cross-functional teams across engineering, legal, and governance functions. You will drive initiatives in secure coding, threat modeling, vulnerability remediation, and cloud security, all while fostering a strong culture of security awareness. The role combines leadership, hands-on technical expertise, and strategic vision to strengthen resilience and trust across the platform.

Accountabilities:

·        Lead, mentor, and manage a team of security engineers, fostering collaboration and high performance.

·        Develop and implement the company’s security vision, roadmap, and “Shift Left” principles.

·        Manage the security engineering budget and oversee selection, deployment, and operation of security tools (SAST/DAST, IAST, CSPM).

·        Conduct security reviews, threat modeling, risk assessments, and vulnerability remediation planning.

·        Partner with cross-functional teams to integrate security into development, product roadmaps, and engineering processes.

·        Drive adoption of secure coding practices through training, workshops, and mentorship.

·        Collaborate with Security Operations to investigate, respond to, and communicate security incidents effectively.

·        Recruit and develop security champions within the organization to advocate best practices.

·        Stay current on emerging threats, trends, and technologies, and implement innovative mitigation strategies.

·        Communicate security posture, initiatives, and technical updates clearly to stakeholders at all levels.

·        10+ years of experience in information security or a related field.

·        Proven experience leading and managing a team of security engineers.

·        Industry-recognized security certification such as CISSP, CISM, or CSSLP.

·        Deep experience with cloud platforms (AWS, GCP, Azure) and Infrastructure as Code security (Terraform, CloudFormation).

·        Strong knowledge of application and platform security, web encryption protocols, and vulnerability remediation techniques.

·        Experience translating ISO 27001 or NIST 800-53 controls into practical engineering requirements.

·        Knowledge of secure coding practices, SDLC integration, and “Shift Left” security principles.

·        Excellent leadership, communication, problem-solving, and collaboration skills.

·        Passion for security and ability to work independently in a fast-paced environment.

·        Experience with CSPM and CWPP tools (e.g., Wiz) is a strong plus.