×
Register Here to Apply for Jobs or Post Jobs. X

Engineering Manager, Security

Job in San Francisco, San Francisco County, California, 94199, USA
Listing for: evenup
Full Time position
Listed on 2026-07-13
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 130000 - 180000 USD Yearly USD 130000.00 180000.00 YEAR
Job Description & How to Apply Below

Even Up is on a mission to close the justice gap using technology and AI. We empower personal injury lawyers and victims to get the justice they deserve. Our products enable law firms to secure faster settlements, higher payouts, and better outcomes for victims injured through no fault of their own in vehicle collisions, accidents, natural disasters, and more.

We are one of the fastest-growing vertical SaaS companies in history, and we are just getting started. Even Up is backed by top VCs, including Bessemer Venture Partners, Bain Capital Ventures, Signal Fire, and Lightspeed. We are looking to expand our team with talented, driven, and collaborative individuals who seek to have a lasting impact. Learn more at

Life as an Engineer at Even Up

Today, our engineering team is roughly 120 people, but by the end of 2026, we’ll roughly double in size. As we grow, we’re looking for a strong Manager to work cross-functionally and manage our security and IT teams within our infrastructure team. We need a hands‑on Security Manager to lead our Security efforts and drive our growth. You’ll help us evaluate whether to build or buy security solutions.

What You’ll Do:
  • Security Strategy & Team Leadership
    - Define Even Up’s security roadmap and lead a growing Security & IT team. Serve as the internal authority on risk and security posture, advising engineering, legal, and the executive team. Hire and develop talent as the function scales.

  • Compliance (SOC 2 & HIPAA) - Own our SOC 2 Type II and HIPAA programs end‑to‑end: gap assessments, control design, audit readiness, and ongoing compliance. Maintain policies and procedures, manage auditor relationships, and stay ahead of evolving regulatory requirements.

  • Product Security
    - Partner with Engineering to embed security into the SDLC through threat modeling, secure design reviews, and vulnerability management (SAST, DAST, pen testing). Champion a shift‑left, security‑by‑design culture across the product org.

  • Corporate IT & Infrastructure Security
    - Own corporate IT systems (MDM, SSO/IdP, endpoint security, IAM) and cloud security posture. Evaluate and deploy security tooling. Enforce least‑privilege and zero‑trust principles across the organization.

  • Vendor & Third‑Party Risk Management
    - Lead the vendor risk program, including security assessments, contract reviews (BAAs, DPAs), and ongoing monitoring of third‑party risk exposure.

  • Incident Response & Risk Management
    - Maintain the risk register, run periodic risk assessments, and own the incident response plan. Lead tabletop exercises, manage live incidents, and coordinate breach notification in partnership with legal.

  • Security Culture & Enablement
    - Drive security awareness across the company through training, documentation, and internal evangelism. Coach engineers and business teams on best practices and build a security‑first culture from the inside out.

  • Mentorship & Growth:
    Recruit, mentor, and develop engineers through regular feedback, coaching, and career development. Support performance management, growth planning, and team health.

What We Look For:
  • Proven security leadership at a startup or high‑growth company - you've built or scaled a security function before, not just maintained one.

  • Deep compliance experience - hands‑on ownership of SOC 2 Type II and HIPAA programs, from control design through audit. Familiarity with emerging requirements (state privacy laws, AI governance) is a plus.

  • Technical depth across the stack - strong working knowledge of cloud security (AWS/GCP/Azure), IAM, endpoint security, and secure SDLC practices. You can go deep with engineers, not just speak to them.

  • Product security chops - experience with vulnerability management, threat modeling, and integrating security into fast‑moving engineering teams without becoming a bottleneck.

  • People leadership - track record of managing and growing small technical teams, with the ability to hire well and develop talent as the function scales.

  • Vendor & third‑party risk know‑how - experience running a vendor risk program, including security reviews, BAAs/DPAs, and ongoing third‑party monitoring in a data‑sensitive environment.

  • Builder mentality - you’re equally…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary