CyberSecurity Engineering Manager

at Yoh
Location New York, NY
Date Posted August 24, 2021
Category Default
Job Type Full-time



Our client is looking for a CyberSecurity Engineering Manager to help validate all services, applications, and websites are secured against the latest threats. You will be responsible for managing a team of security engineers conducting security reviews and threat modeling, evolving the security assurance process, and creating metrics to demonstrate your team’s performance. You will help set the direction for a team of security professionals that is responsible for all internally developed (or acquired) products and services. The CyberSecurity Engineering Manager oversees engineers and architects in the development and implementation of security standards and controls in order to ensure that the organization's products are secure. This role combines long term strategic planning to raise the bar on security across the enterprise with the excitement and challenge of quickly reacting to new threat scenarios.


  • Serve as a technical expert for project teams throughout the implementation and maintenance of assigned information security solutions; defines and oversees the documentation of detailed standards (e.g., guidelines, processes, procedures).
  • Provide CyberSecurity subject matter expertise to the day-to-day operational aspects of the engineering team including improvement of current security controls; identify areas of improvement, etc.;
  • Design and manage the technical evaluation of new security technologies;
  • Threat hunting for Cybersecurity;
  • Identify security gaps across the IT and Engineering environments; develop solutions to rectify those gaps
  • Design and manage internal and external penetration testing

Technical Experience

  • Strong understanding and familiarity with cloud security controls and best practices;
  • Strong experience in security automation and tool development to secure the cloud;
  • Familiarity with common security libraries, security controls, and common security flaws;
  • Experience with OWASP, static/dynamic analysis, and common exploit tools and methods;
  • Strong understanding of network and web related protocols (such as, TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols);

Position Requirements

  • Minimum of 7 years of relevant technical experience, with the majority of this in a formalized information security team;
  • Bachelor's degree in Information Security, Computer Science or related field preferred;
  • Experience managing a team;
  • Certifications: Information Security certifications (CISSP, SANS GIAC, CISA, etc.);
  • Superior written and verbal communication as well as the ability to communicate ideas in both technical and user-friendly language;
  • Strong background in technical engineering and architecture, such as infrastructure/cloud engineering or software development;
  • Proven ability to build partnerships and collaboration between stakeholder teams;
  • Strong communication skills and ability to outline security risks to senior leadership;
  • Experience managing security vendors and managed services providers;
  • Experience working in a fast-paced, high-tech and customer obsessed environment;
  • Demonstrated leadership, management, and decision-making skills;
  • Ability to manage and participate in an on-call rotation performing weekend and after-hours support.

Drop files here browse files ...