Engineering Manager, Security Engineering

Engineering Manager, Security Engineering

Apply to lead Brex’s security engineering programs as Engineering Manager, Security Engineering at Brex
, an AI‑powered spend platform helping companies manage corporate cards, banking, and global payments.

Brex supports a diverse, inclusive culture where you can push limits, challenge the status quo, and grow alongside industry bright minds. Engineering teams span Software, Data, Security, and IT, with high autonomy, deep collaboration, and a focus on building systems that scale with speed and intention.

As the Head of Security Engineering, you will lead Application Security and Security Operations teams to build a world‑class security program that protects customers, staff, and enables safe enterprise expansion and AI implementations.

Hybrid role in the New York office: minimum two coordinated days in the office per week (Wednesday & Thursday). From February 2, 2026, three days per week (Monday, Wednesday & Thursday); up to four weeks per year fully remote.

• Build, lead, and grow security engineering teams across Application Security and Security Operations, with a focus on recruiting great talent.
• Drive security strategy and roadmap for vulnerability prevention, secure product lifecycle, detection automation, and security operations across corporate security, detection & response, and infrastructure security domains.
• Set direction for engineering team strategy, share context by elaborating the "why", empower stakeholders, and drive execution of security projects with clear expectations.
• Guide teams to build high‑quality security tooling and automated solutions at scale, including contributing to and maintaining the open‑source project Substation
  .
• Inspire a collaborative culture across highly cross‑functional teams, working with engineering leaders at Brex and upholding high engineering standards while operating calmly under pressure during security incidents.

• 3+ years of engineering leadership managing security engineering teams with demonstrated autonomy and self‑direction as a strong M1‑level manager.
• Strong software engineering background with coding ability and passion for security; expected to contribute to security tooling development and maintain open‑source projects.
• Exceptional cross‑functional leadership and stakeholder management skills; proven track record of delivering complex projects across multiple teams in fast‑paced environments.
• People‑centered management philosophy that empowers engineers by providing context, clarity, and support; strong coaching and leading skills.
• Excellent written and verbal communication skills; can convey complex security concepts clearly to technical and non‑technical audiences.
• Experience managing up and out—effective communication with leadership, influence without authority, and building strong relationships across all organizational levels.
• Comfortable with ambiguity and change; flexible and thrives when priorities shift.
• Deep experience with application security competencies: secure development lifecycle, threat modeling, vulnerability management, penetration testing, and red/purple teaming.
• Experience with security operations: alert triage, incident response, detection engineering, SIEM/log aggregation, and deploying security monitoring systems.
• Knowledge of Python, scripting languages, and AI/agentic approaches for automating security tasks.

• Proficiency with Kotlin, gRPC, Graph
  
  QL, Kubernetes, or Go.
• Previous experience as a software engineer or consultant performing web application security reviews.
• Experience with AWS and securing distributed systems in cloud environments.
• Experience with pentesting and securing agentic features and AI systems.
• Contributions to the wider technical community through open‑source projects, public research, blogging, conference presentations, or community organizing.
• Experience managing bug bounty programs.
• Familiarity with modern security tooling stack including Terraform, Tines, EDR solutions, Wiz, Crowdstrike, and SIEM platforms.
• Champion security best practices while enabling developer velocity and creating intuitive, secure‑by‑default experiences.

The expected salary range for this role is $240,000 – $300,000. Starting base pay depends on location, skills, experience, market demands, and internal pay parity. Equity and other forms of compensation may be provided in the total package.

Please be aware that job‑seekers may be at risk of targeting by malicious actors looking for personal data. Brex recruiters will only reach out via Linked In or email with a  domain. Any outreach claiming to be from Brex via other sources should be ignored.

Mid‑Senior level

Full‑time

Engineering and Information Technology