×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Engineering Manager, Product Security; Infrastructure and Security

Job in New York, New York County, New York, 10261, USA
Listing for: Lady Bird Talent
Full Time position
Listed on 2026-02-08
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below
Position: Engineering Manager, Product Security (Infrastructure and Security)
Location: New York

Overview

Engineering Manager, Product Security (Infrastructure and Security) – New York City

Our partners at Alloy solve the identity risk problem for companies that offer financial products by enabling them to outpace fraud and confidently serve more people around the world. Banks and Fintechs turn to Alloy to take control of fraud, credit, and compliance risk, and grow with the clearest picture of their customers. Check out our investors and read more about us here.

About

the team

Alloys Product Security Team is composed of Application Security and Cloud Security engineers who are responsible for implementing, improving, and maintaining Alloy s information security management system, and ensuring the ongoing security of Alloy s products and data.

What you ll be doing

Reporting into the VP of Infrastructure & Security, we re seeking a leader who will work with a large part of the engineering org to maintain and enhance our high security standards. The Engineering Manager of the Product Security Team will:

  • Mentor a team of Application Security and Cloud Security engineers
  • Ensure the confidentiality, integrity, and availability of Alloy s systems and data while allowing the business to move forward at a rapid pace
  • Conduct regular one on ones with members of the product security team, focusing on professional development, positive morale, and continuing momentum
  • Manage the product security backlog, prioritizing and delegating projects and ensuring their timely delivery
  • Engage with clients, auditors, and others during a variety of security assessments
  • Ensure timely security reviews of new and ongoing engineering initiatives
  • Manage security vendor relationships
  • Participate in third party security assessments
  • Conduct recurring security management meetings (access control reviews, security bug bashes, incident response plan reviews, etc)
  • Participate in risk assessments; lead threat modeling and tabletop security exercises
  • Manage Alloy s vulnerability management program
  • Ensure vigilance and monitor ongoing security threats
    • Analyze and respond to security incidents triggered by automated alerts, bug bounties, or external assessments
    • Perform ongoing log analysis and monitoring, and set up alerts to be proactively alerted or concerning activity
  • Proactively implement security controls and update existing controls to respond to an ever-changing threat environment
    • Implement and configure tools to help us detect and respond to new types of threats
    • Maintain awareness and understanding of Current Vulnerabilities & Exposures relevant to Alloy applications, dependencies, and infrastructure
    • Make sure vulnerable applications or systems are being promptly updated and vulnerabilities remediated
  • Regularly assess the security of our systems and compile reports for our team and our customers
    • Perform periodic security audits, penetration tests, and various tasks to ensure security policy and regulatory compliance
    • Prepare reports that document security incidents and the extent of the damage caused by the incidents
  • Maintain and adapt Alloy s security processes, procedures, and policies (we have strict security requirements and need to provide a lot of documentation to our customers and auditors!)
Who we re looking for
  • 3+ years of leadership experience
  • 8+ years of work experience in Application Security, Cloud Security, or Platform Security
  • Relevant information security and other certifications preferred: CISM, CISSP, AWS Solutions Architect, AWS Security Specialty, and similar
  • Knowledge of security, governance, risk, and compliance standards, frameworks, and controls such as PCI-DSS, ISO 27001/27002, SOC 2, NIST CSF, CIS Benchmarks, etc.
  • Practical experience with information systems security standards and practices (e.g., access control, system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Experience at each level of the stack: network, system, and application security particularly with Kubernetes and public cloud.
  • Knowledge of TCP/IP and network communications.
  • Knowledge of encryption/ decryption technologies
  • Experience implementing and configuring common security tooling solutions (SCA, SAST, SIEM, TPAM,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search