Engineering Manager, Information Security

Summary

Join GameChanger's Information Security team as the Information Security Engineering Manager, leading a team focused on building and scaling security practices. This hands-on role blends leadership, technical expertise, and collaboration with various departments. You will own the information security backlog, drive initiatives in incident response and vulnerability management, and lead compliance efforts. Partnering with engineering, you'll embed security into the SDLC and champion a security-first culture. Translate technical risks into business terms and contribute to the team's on-call rotation. This role reports to the Director of Information Security and shapes the future of the security program.

Requirements

• 5+ years of experience in Information Security, including 2+ years managing or mentoring security teams
• Experience with application and cloud security in modern SaaS environments (preferably AWS), including IAM, encryption, secrets management, and infrastructure-as-code security
• Background in GRC frameworks and driving compliance efforts (NIST CSF 2.0, SOC 2, etc.) from assessment to remediation
• Hands-on familiarity with security tools and practices such as vulnerability scanning, SIEM, DLP, and endpoint detection (EDR)
• Collaboration with software engineers, product managers, and infrastructure teams to embed security in the development lifecycle
• Strength in frame technical risks for executives just as easily as you can dive deep with engineers
• Balance pragmatism with security best practices and you know how to earn buy-in and move security forward without slowing the business down

Responsibilities

• Lead and mentor the Information Security team, setting clear priorities, fostering autonomy, and supporting career development
• Own and evolve the information security backlog. Identify, assess, and prioritize risks, propose and implement mitigations, and communicate decisions across stakeholders
• Drive initiatives in incident response, vulnerability management, and security automation, while enabling secure product development through close collaboration with Engineering
• Lead compliance initiatives, including internal assessments (NIST CSF 2.0), external audits, and third-party vendor reviews
• Partner with Engineering to review system and architecture designs, code changes, and deployment processes embedding security into the SDLC
• Champion a culture of security-first thinking through cross-functional collaboration, internal training, and running a company-wide security steering committee
• Participate in the team's on-call rotation for triaging alerts and responding to security incidents
• Translate technical risks into business terms and actionable outcomes

Benefits

• Work remotely throughout the US* or from our well-furnished, modern office in Manhattan, NY
• Unlimited vacation policy
• Paid volunteer opportunities
• Technology stipend - $4,000 every 2 years after your start to make sure you have the latest and greatest technology
• WFH stipend - $500 annually to make your WFH situation comfortable
• Learning stipend - $500 annually towards continued development
• Monthly physical, mental, wellness & learning stipend offered through Holisticly
• Monthly lifestyle stipend offered through Fringe
• Full health benefits - medical, dental, vision, prescription, FSA, HRA, HSA, and coverage for family/dependents
• Retirement savings - Traditional and Roth 401K plans are offered through Vanguard, with an immediate company match
• Life insurance - basic life, supplemental life, and dependent life
• Disability leave - short-term disability and long-term disability
• Company paid parental leave - up to 20 weeks for birthing parents and up to 12 weeks for non-birthing parents
• Family building benefits offered through Progyny
• DICK'S Sporting Goods and their family of brands teammate discount