Cyber Security Lead

We're looking for a Cyber Security Lead — a technical security leader who can both run a team and stay hands-on. This role owns the full technical security operations function at Manychat: Application Security, Infrastructure Security, and Endpoint Security.

You'll manage a team of security engineers, define the operational roadmap across these three domains. Reporting to the Head of Security, you'll be a key player in keeping our infrastructure and product protected and resilient.

WHAT YOU'LL DO 🚀

• Lead and grow a team of AppSec, Infra Sec, and Endpoint Security engineers (currently 3 engineers).

• Own the end-to-end security operations function: detection, monitoring, incident response, and remediation across cloud, application, and endpoint layers.

• Define and execute operational roadmaps for Application Security, Infrastructure Security, and Endpoint/Office Security.

• Drive adoption and administration of security tooling: EDR, SIEM, DAST/SAST, WAF, VPN, DNS security, and Okta.

• Oversee cloud security posture across AWS environments.

• Run and coordinate security incident investigations: root cause analysis, containment, remediation, and post-mortems.

• Partner with Infrastructure, IT Operations, and Engineering teams to implement and improve security controls.

• Maintain security documentation: runbooks, configurations, playbooks, and operational procedures.

• Support compliance requirements (SOC 2, ISO 27001) from the technical security side.

• Represent cyber operations in cross-functional initiatives and contribute to strategic planning with the Head of Security.

TO SHINE IN THIS ROLE 💥

You'll need:

• 7+ years in technical security roles across AppSec, Infra Sec, or Endpoint Security.

• 3+ years in a lead or management role with direct reports.

• Experience with developer security tooling: SAST, SCA, secrets scanning, and DAST integration into CI/CD pipelines.

• Hands-on experience operating and administering security tooling: EDR, SIEM, DAST/SAST, WAF, VPN, and DNS security platforms.

• Strong AWS cloud security knowledge: IAM/SSO, Security Hub, GuardDuty, CloudTrail, and AWS Config.

• Solid understanding of application security fundamentals: OWASP Top 10, SDLC security integration, and threat modelling.

• Experience with endpoint security: macOS and Windows hardening, MDM (Jamf or Microsoft Intune).

• Ability to lead security incident response: coordinating teams, driving root cause analysis, and communicating findings clearly.

• Strong communication skills — able to translate security risk into business terms for non-technical stakeholders.

• Fluent English communication skills, both written and verbal.

It would be great if you have:

• Experience operating within SOC 2 and/or ISO 27001 compliance frameworks in a SaaS environment.

• Experience managing identity and access using Okta or a comparable IAM platform.

• Background in detection engineering and SIEM log analysis.

• Digital forensics experience.

WHAT WE OFFER 🤗

We care deeply about your growth, well-being, and comfort:

• 🌍 Hybrid onboarding to start work remotely and relocation support for you and your family.

• 💙 Comprehensive health insurance for both you and your family.

• 📚 Professional development budget for conference tickets, online courses, and other relevant resources to help you grow.

• 🫶 Flexible benefits package to tailor perks that matter most for you.

• 🪴 Hybrid work and generous leave options to prioritize your work-life balance.

• 🍽️ In-office perks, including free meals and snacks.

• 🤝 Company-funded sport activities, annual offsites and team-building events.