Senior Engineering Manager, Security Engineering

Mapbox is the leading real-time location platform for a new generation of location-aware businesses. Mapbox is the only platform that equips organizations with the full set of tools to power the navigation of people, packages, and vehicles everywhere. More than 4 million registered developers have chosen Mapbox because of the platform’s flexibility, security and privacy compliance. Organizations use Mapbox applications, data, SDKs and APIs to create customized and immersive experiences that delight their customers. 

What We Do

The Security Engineering team ensures that Mapbox is a secure and privacy-minded location platform. We take an engineering-driven approach to keeping our employees and millions of end-users safe from complex threats, generate innovative insights at scale, and develop tools and platforms to help every team at Mapbox own and improve their security surface area, and earn the trust of Mapbox customers. Our security vision is shifted left, meaning that designing secure systems that prevent threats is a higher priority than reactive tooling and processes.

What You'll Do

Mapbox is looking for a hands-on, technical leader, to manage a diverse team of Security Engineers and be responsible for Application Security, Infrastructure Security and Red Team in the organization. You will be responsible for enabling the security of the Mapbox platform, a surface area that ranges from the Mapbox SDK installed on millions of end-user devices worldwide, to a fleet of Docker-based and serverless applications running on AWS. You will serve as a deep technical resource to guide not only the security engineering team but also engineering teams across Mapbox, improving our security posture company-wide.

In this role, you can expect to:

• Structure and align the Security Engineering team around key areas of Application Security, Infrastructure Security and Red team efforts

• Provide strategic vision and strategy in the design and implementation of new security solutions and features for the company

• Deliver complex, high-impact roadmaps and projects while providing technical expertise and mentorship to your team

• Manage and develop the team through hiring, retaining, mentoring, and continually building the team’s capabilities

• Drive company, product, and team objectives, carrying your team and relevant stakeholders along in the decision-making

• Track operational metrics and goals to drive team performance

• Cooperate with the Compliance team on obtaining security certifications that will help our customers accelerate the adoption of the platform

What We Believe are Important Traits for This Role

•  7+ years of experience in a security management function, leading initiatives across an organization

• 5+ years experience instrumenting secure DevSecOps CI/CD pipelines for cloud-native and mobile apps using open-source and enterprise security software

• 5+ years experience building and hardening complex microservice-based systems in Serverless and Kubernetes environments using infrastructure-as-a-code GitOps approach

• 3+ years experience running successful internal and external pen-testing programs

• Expertise in threat modeling, secure coding, and various security tools such as SAST, DAST/IAST, SCA, IDS/IPS, WAF, SIEM/SOAR

• Experience building secure infrastructure by architecting network configurations, implementing network scans and threat detection frameworks, implementing privileged access management platforms (PAM)

• Strong Security incident handling, remediation and customers communication experience, including 0-day response process

• Deep and Broad experience with AWS

• Experience with cloud-native security frameworks

• Experience with security, compliance, and privacy standards such as SOC, GDPR, ISO27001, ASPICE, FedRAMP is ideal

• Personal drive for continual growth, both as an engineering leader and security expert

• Clear and persuasive communication of complex information to a broad audience, and a commitment to fostering and growing cross-team relationships

• Previous experience building and leading a high-performing team that delivered high-impact and high-value work

• Ability to take on a business ownership role, and be able to ramp up quickly and operate independently

• Commitment to recruiting, building, and retaining a diverse team

What We Value

In addition to our core values, which are not unique to this position and are necessary for Mapbox leaders:

• We value high-performing creative individuals who dig into problems and opportunities.

• We believe in individuals being their whole selves at work. We commit to this through supportive health care, parental leave, flexibility for the things that come up in life, and innovating on how we think about supporting our people.

• We emphasize an environment of teaching and learning to equip employees with the tools needed to be successful in their function and the company.

• We strongly believe in the value of growing a diverse team and encourage people of all backgrounds, genders, ethnicities, abilities, and sexual orientations to apply.

Our annual base compensation for this role ranges from $238,000 - $308,000 for most US locations and 5% to 10% higher for US locations with a higher cost of labor. Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. Please discuss your specific work location with your recruiter for more information.

By applying for this position, you acknowledge that you agree to the Mapbox Privacy Policy which is linked here.

Mapbox participates in E-Verify to confirm employee work authorization. Please refer to the Notice of E-Verify Participation and Right to Work posters for more information.

We are committed to a fair and equitable hiring process. We do not discriminate against any protected class.

#LI-Remote