Security Engineering Manager

About Reverb Reverb is the largest online marketplace dedicated to buying and selling new, used, and vintage musical instruments. Since launching in 2013, Reverb has grown into a vibrant community of buyers and sellers all over the world. By focusing on inspiring content, price transparency, musician-focused e-commerce tools, a music-savvy customer service team, and more, Reverb has created an online destination where the global music community can connect over the perfect piece of music gear. We love working at Reverb because we’re making the world more musical—through our marketplace and through https://reverb.com/page/reverb-gives, which provides musical instruments to youth music education programs. We were named a “Best Place to Work” by Built in Chicago and a “Top Workplace'' by the Chicago Tribune. About the role We’re looking for an experienced Engineering Manager within the Infrastructure Engineering group to lead our Security Engineering team. Security engineering at Reverb is responsible for leading, designing, and building secure systems and practices for our e-commerce platform. They are highly involved in planning technical systems, designing secure practices, governance, and proactive engagement with the engineering and product organizations. The Security Engineering Manager leads our security engineers and analysts in protecting, planning, and building scalable, hardened systems across our architecture. You’ll be leading these security professionals by contributing to project oversight and planning, security assessments, long-term scope planning, proactive and preventative approaches, and being a collaborative management professional who can quickly lead our organization to make safe and practical decisions. This is a full-time, hybrid position reporting to the Senior Engineering Manager of our Data Engineering team. Our hybrid team members work from our Chicago office once a week [on Tuesdays]. Local candidates are preferred; however, we are open to fully remote candidates within the US for the right fit. Responsibilities Day-to-day management of security engineers and analysts at ReverbSecurity sprint planning and retrospectivesCollaborate with other engineering managers to achieve roadmap goalsPerform security reviews, audits, assessments, and remediation actions or reportingEngage in highly technical architecture feedback and design reviewsHands-on engagement with git, DevOps, and security tools to help bolster understanding with other technical teamsAdvise crucial GRC, technical, and policy to engineering leadership Requirements 2+ years leading or supervising security teams2+ years of hands-on experience with AWS, Terraform, Helm, Kubernetes, or other generalized DevOps tooling4+ years of experience in the security domain with technical expertise or contributionsTrack record of crafting, developing, and handling security projectsAbility to develop policy, process, and procedures to apply to engineering organizationsDetection and Response concepts with SIEM, EDR, Incident Management, IDS, and WAF like Cloudflare, Datadog, incident.io, etc.Experience with Vuln Management, CICD Security, BugBountyRegulatory experience such as PCI, FEDRAMP, SOX, etc.Knowledge of Authentication, RBAC, and IAM systems like Okta, AWS SSO, etcExperience with JIRA and ConfluenceExperience with Git Nice to Have Deep networking and threat modeling experienceExperience with AST tools like GHAS, Snyk, or ArmorCodeExperience with CrowdStrike platformsDeep experience with GitHub and GitHub security controlsHands-on experience with AWS EKS, Rancher, or other Kubernetes platforms Additional Information Remote-eligible roles (as indicated in the location header of each job description) are available in all U.S. states except Alaska and Hawaii. Remote roles are currently only available within the U.S. unless otherwise specified in the specific job description. Reverb offers a comprehensive total rewards package that combines base, bonus, and an array of benefits. Some of our key benefits include but are not limited to the following: 100% paid premiums for medical, dental, and vision coverage for the employee, spouse or domestic partner, and all eligible dependents. Medical coverage includes gender affirming care.Life, AD&D, and supplemental long-and short-term disability insuranceA matching 401(k)A generous PTO policy that includes vacation, sick/mental health days plus 11 paid holidays and two floating holidaysProfessional development and continued learning opportunities through access to mentoring, 1:1 coaching, and platforms like Skillsoft 18 weeks of gender-neutral parental leave for the birth or adoption of a childUp to $25,000 reimbursement of adoption and/or surrogacy related expensesPaid sabbatical programAnnual work/life stipendWays to give back to your community through volunteer time off At Reverb, we believe that an equitable and inclusive workplace where people from all backgrounds can come, stay and thrive makes us a more relevant and resilient company. Reverb is an equal opportunity employer. We do not discriminate on the basis of race, color, ancestry, religion, national origin, sexual orientation, age, citizenship, marital or family status, disability, gender identity or expression, veteran status, or any other legally protected status. We will ensure that individuals with disabilities are provided a reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. If, due to a disability, you need an accommodation during any part of the interview process, please let your recruiter know. We know that the impostor syndrome and confidence gap are real. Please do not hesitate to apply! Locations: Chicago, IL