Senior Manager, Product Security

Job Overview:

The Senior Manager, Product Security will lead a team of Application Security and Cloud Security engineers, safeguarding the company’s products and services. This role involves overseeing security tools, coordinating security processes, and fostering effective collaboration across technology teams. The ideal candidate will possess broad expertise in information security, particularly in application security, infrastructure and cloud security, and have a strong technical mindset. Prior experience managing cybersecurity in a SaaS environment and proven team management and mentoring skills are essential.

What you'll do:

• Manage and mentor a team of Application Security and Cloud Security engineers.
• Oversee the implementation and maintenance of security tools and technologies.
• Coordinate security processes and ensure they align with industry best practices.
• Facilitate effective collaboration across technology teams to integrate security into the product development lifecycle.
• Provide guidance and support to the peering teams and other stakeholders, promote security-aware culture and secure-by-design principles.
• Cross-functionally collaborate with technology teams to identify and remediate security issues, ensure secure design and operations.
• Track tool and process performance, create metrics to monitor effectiveness of the team’s operations.
• Manage workflows and responsibilities around security services and tools, primarily within Azure and AWS environments,
• Ensure secure deployment practices using Infrastructure as Code (IaC) and container management  tools (Terraform, Kubernetes, Docker).
• Orchestrate vulnerability assessments and penetration testing activities (SAST, DAST, 3-rd party assessments, metrics, reporting, remediation processes).
• Design and manage encryption and key management solutions such as AWS Key Management Service (KMS) and Azure Key Vault.
• Ensure compliance with security standards and frameworks such as ISO 27001, SOC 2, and industry-specific regulations.

What we're looking for: 

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Extensive experience in information security, with a focus on application security, infrastructure, and cloud security.
• Proven experience managing cybersecurity in a SaaS environment.
• Strong technical mindset and problem-solving skills.
• Excellent team management and mentoring abilities.
• Effective communication and collaboration skills.
• Flexibility to adapt to evolving security threats and changing project requirements.
• Capability to lead and mentor junior team members and peers.
• Self-motivated and proactive mindset in identifying potential security risks and implementing preventive measures.
• Ability to build strong relationships with colleagues and stakeholders
• Relevant certifications (e.g., CISSP, CISM) are a plus
• Azure: Azure Security Center, Azure Sentinel, Azure Key Vault, Azure Active Directory, Azure Policy, Azure Monitor, Azure Firewall, Azure DDoS Protection.
• AWS: AWS Security Hub, AWS IAM, AWS KMS, AWS CloudTrail, AWS Config, AWS Shield, AWS WAF, AWS CloudFormation.
• General: Terraform, Splunk, OWASP ZAP, Burp Suite, Nessus, Jenkins, Docker, Kubernetes.

About AvidXchange

AvidXchange is a leading provider of accounts payable (“AP”) automation software and payment solutions for middle-market businesses and their suppliers. By trade, we are a technology company, but if you ask anyone who works here, they’ll tell you our people are at the core of who we are. We focus on creating a culture of Diversity, Inclusion & Belonging, and are proud to be a safe place where teammates can bring their whole selves to work. At AvidXchange, mindset is everything. We are Connected as People, Growth Minded, and Customer Obsessed. These three mindsets represent our culture – who we are, who we’ve always been, and they guide us to improve every day. Since our founding in 2000 in Charlotte, NC, we’ve created a company of over 1,600 teammates working across the U.S., or remotely. AvidXchange is proud to be Certified™ as a Great Place to Work®. The prestigious recognition is based on anonymous data from our teammates and makes official what our teammates have known for years – that AvidXchange is a Great Place to Work®. 

Who you are: 

• A go-getter with an entrepreneurial mindset – that means you are not afraid of taking risks, winning big or facing the unknown. 
• Someone who understands that business is people centric. Connecting with others as humans first allows you to develop mutually beneficial working relationships. 
• Focused on making a difference for our customers. AvidXchange exists to help solve complex problems for our customers so we can all realize our potential. 

What you’ll get:  

AvidXchange teammates (we call them AvidXers) get the perks and prestige of a publicly traded tech company paired with the flexibility of a founder-led startup. We help our AvidXers develop as professionals and as human beings, providing work/life balance, development programs, competitive benefits and equity options. At AvidXchange, we are building more than a tech company – we are building an experience. We remain committed to a culture where you can fully be 'you’ – connected with others, chasing big goals, and making a meaningful impact. If you want to help us grow while realizing your potential and creating stories you’ll tell for years, you’ve come to the right place.

AvidXers enjoy:  

• 18 days PTO* 
• 11 Holidays (8 company recognized & 3 floating holidays) 
• 16 hours per year of paid Volunteer Time Off (VTO) 
• Competitive Healthcare 
• High Deductible Heath Plan Option that has $0 monthly premium for teammate-only coverage 
• 100% AvidXchange paid Dental Base Plan Coverage
• 100% AvidXchange paid Life Insurance 
• 100% AvidXchange paid Long-Term Disability 
• 100% AvidXchange paid Short-Term Disability  
• Employee Assistance Program (EAP) - Provides counseling services, legal and financial consultations and health advocacy for Teammates and their eligible dependents
• Onsite Health Clinic with Atrium Health - available to Teammates and their eligible dependents
• 401k Match up to 4% 
• Parental Leave: 8 weeks 100% paid by AvidXchange** 
• Discounts on Pet, Home, and Auto insurance 
• BrightDime Financial Wellness Tool, offered free to teammates 
• WeeCare Childcare Service: helps teammates find affordable daycare, childcare, and tutors 40% less expensive than traditional daycare centers 
• Perks at Work: free discount program that provides teammates the opportunity to save on items from electronics, movie tickets, car buying, vacations, and more 
• Onsite gym fitness center, yoga studio, and basketball court
• Tuition Reimbursement up to the federal maximum of $5,250***
• Hybrid Workplace Flexibility
• Free parking

*Fully granted from beginning of year, pro-rated if hired mid-year 

**Must be full-time for at least 3 months

***Must be full-time for at least one year 

Equal Employment Opportunity

AvidXchange is an equal opportunity employer. AvidXchange is committed to equal employment opportunity in accordance with applicable federal, state, and local laws. AvidXchange will not discriminate against applicants for employment on any legally recognized basis. This includes, but is not limited to veteran status, race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age and physical or mental disability.