Mgr, Security Engineering

EBSCO Information Services (EBSCO) delivers a fully optimized research experience, seamlessly integrated with a powerful discovery platform to support the information needs and maximize the research experience of our end-users. Headquartered in Ipswich, MA, EBSCO employs more than 2,700 people worldwide, with most embracing hybrid or remote work models. As an AI-enabled service leader, we thrive on innovation, forward-thinking strategies, and the dedication of our exceptional team. At EBSCO, we’re driven to inspire, empower and support research. Our mission is to transform lives by providing reliable and relevant information — when, where and how people need it. We’re seeking dynamic, creative individuals whose diverse perspectives will help us achieve this global, inclusive mission. Join us to help make an impact.

Your Opportunity

Are you an experienced security engineer and people leader looking for an exciting opportunity? EBSCO Information Services (EIS) has an immediate opening for a Security Engineering Manager. This role focuses on building and leading a high-performing Security Engineering Team and establishing the engineering practices, guardrails, and operating rhythms that help our product teams deliver secure, reliable software at scale.

The Security Engineering Manager will lead a team of security engineers partnering with product, platform, and infrastructure teams to reduce security risk across the software delivery lifecycle. The team enables secure-by-default patterns through threat modeling, security architecture guidance, automation, vulnerability management, and security monitoring—removing friction from delivery while raising the security bar across cloud and application environments.

What You'll Do

• As a servant leader, provide direct line management for a team of security engineers (approximately 5–6), with a focus on growth and mentorship, psychological safety, operational excellence, and measurable risk reduction.
• Work closely with product owners, engineering managers, and technical leads to embed security into planning and delivery, including threat modeling, security requirements, and secure design reviews.
• Partner with engineering leaders, architects, and delivery teams to define and evolve security architecture standards, reference designs, and secure-by-default patterns across the organization.
• Define, implement, and track security metrics (e.g., vulnerability SLAs, coverage of security testing, time-to-remediate, and control adoption) to monitor and improve security outcomes.
• Own and evolve cloud security posture practices, including identity and access management, network segmentation, secrets management, and configuration baselines, in partnership with infrastructure and platform teams.
• Stay abreast of the threat landscape, emerging vulnerabilities, and security engineering trends; translate them into pragmatic controls and engineering improvements.
• Hold regular team meetings to review security operations signals (alerts, incidents, trends) and engineering telemetry to ensure controls are effective across environments.
• Provide timely, actionable feedback and coaching; create growth plans that build security engineering depth and leadership capability.
• Drive security automation across the SDLC, including SAST/DAST, dependency scanning (SCA), secrets scanning, and infrastructure-as-code scanning.
• Reinforce secure coding standards and code health, teaching practices that reduce common vulnerabilities and improve resilience.
• Lead a pragmatic application security and vulnerability management program: triage findings, set remediation priorities with engineering, and track SLA performance.
• Encourage collaborative security partnering with engineering teams (office hours, pairing on fixes, design reviews) to unblock delivery while improving security outcomes.
• Foster a growth mind-set in all employees; enable security craftsmanship, automation, and innovation.
• Advocate for the team and promote successes, share lessons learned from incidents and findings, and communicate security risk and progress clearly to stakeholders.
• Lead with accountability, autonomy, empowerment and manage the appropriate boundaries to achieve the result of having self-directed work teams.
• Attract, recruit, retain, and develop top engineering talent.
• Live the principles behind the Agile Manifesto and SAFe framework in all interactions and equip the team to do the same.
  
  

About You

• 5–7 years recent software development experience as an individual contributor, Team Leader, or Senior Engineer mentoring junior engineers.
• Experience building and shipping production systems across at least 2 full product cycles.
• Active use of modern development practices such as Git workflows, CI/CD, containerization, or cloud platforms
• Ability to translate security and risk requirements into actionable engineering work (backlog items, guardrails, automation, and measurable outcomes).
• Self-motivated, detail oriented, responsible; strong collaboration skills and the ability to prioritize and re-prioritize quickly based on risk and business impact.
• Strong sense of ownership and desire to solve complex security and technical challenges, including vulnerability remediation, secure design, and incident-driven engineering improvements.
  
  

Pay Range

USD $124,770.00 - USD $178,240.00 /Yr.