Security Manager - Chicago/Toronto

Who we are:

At SpotHero, we empower people to get everywhere, easier! Our marketplace connects drivers with parking spots through mobile app and web, helping them save time, and money. At the same time, we provide parking operators with powerful tools to manage inventory, reach new customers, and grow their businesses. We’re bringing the parking industry into the future through technology and innovation.

Security Manager at SpotHero:

SpotHero is looking for a hands-on Security Manager to lead and evolve our security program across both our consumer-facing applications and internal IT infrastructure. This is a player/coach role: you’ll be directly responsible for technical implementation while also driving strategy, leading initiatives, and mentoring a small team. We’re seeking someone with deep security expertise who thrives in fast-moving environments and can bridge engineering, IT, and compliance. 

What you will do:

• Build and lead SpotHero’s security program across application, infrastructure (AWS, Kubernetes, Docker), and corporate environments.
• Champion DevSecOps and SecOps practices across engineering and IT.
• Design and deliver internal security education, including training on OWASP Top 10 and phishing awareness.
• Own application testing initiatives including annual penetration tests, regular vulnerability scanning, and remediation tracking.
• Maintain and evolve our risk register and governance documentation.
• Manage and respond to security reports from our bug bounty program.
• Partner with Corporate IT to secure endpoints, SaaS tools (Google Workspace, Atlassian, etc.), and internal networks.
• Drive SOC 2 and broader GRC efforts, leading documentation, process alignment, and audits.
• Oversee third-party risk management and security reviews for vendors and partner questionnaires.
• Conduct forensics and root cause analysis of security incidents.
• Ensure operational excellence across identity and access management platforms and core security tooling.
• Manage external vendors and security consulting engagements.

What you bring: 

• 5+ years in security operations or application security, 2+ years of people or initiative leadership experience.
• Strong technical background with hands-on ability: scripting, tool setup, ethical hacking, automation.
• Deep knowledge of cybersecurity as it applies to modern cloud-native applications and corporate SaaS ecosystems.
• Great communication skills and the ability to influence without authority across teams.
• Passion for mentoring, documentation, and practical risk management.

Nice to have: 

• Security certifications (CISSP, OSCP, etc.).
• Experience with compliance frameworks like SOC2, and PCI DSS.

Seeking Candidates in:

• Chicago, Illinois
• Toronto, Ontario
• 2x per week in office

What we are offering:

• Career game changer – A truly unique experience to work for a fast-growing startup in a role with unlimited growth potential.
• Excellent benefits
• US: we cover a generous portion of Medical Premiums, 50% of Dental and Vision Premiums, company-sponsored Life Insurance, a 401 (k), and generous parental leave.
• Canada: We offer Medical (prescription drug and paramedical coverage), Dental, Vision, Life Insurance, STD and LTD.
• Flexible PTO policy and outstanding work/life balance – We value and support each individual team member.
• Udemy and Personal Learning Budget - We support the professional and personal growth of our people by providing everyone with learning resources and development opportunities.
• Annual parking stipend – Duh. We help people park!
• The opportunity to collaborate with fun, innovative, and passionate people in a casual yet highly productive atmosphere.
• Our commitment to allyship has been a central driver of how we Respect Fellow Drivers. You’ll have the opportunity to be part of Employee Resource Groups, access allyship learning resources, and actively contribute to our ongoing effort of making SpotHero inclusive for all.
• A workplace recognized as CityLights award winner by 1871, 2025 Best Places To Work by BuiltIn, and recipients of the Best Company Culture, Best Company for Women, and Best Company for Diversity awards from Comparably!

Compensation in Illinois:

• Depending on your skillset and experience, you can expect your base salary to be between $165,000 - $190,000 as well as a discretionary bonus and leading total rewards package including stock options.

At SpotHero, we Respect Fellow Drivers by providing an inclusive interview experience for everyone, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process. Please let our team know of your need when you apply or as you begin interviewing with our team. SpotHero is an equal opportunity employer. We know that a diverse workforce is the strongest workforce, and are committed to building and supporting an inclusive environment for all. Additionally, because we want to Remember to Signal, if you choose to provide us personal information in connection with a job application, please review our Applicant Privacy Notice which provides details about what information we collect and process about you in order to consider your candidacy.
PLEASE NOTE: This position is ineligible for visa sponsorship. To be considered for this role, you must be legally authorized to work in the US and not require sponsorship for employment now or in the future.