Enterprise Security Manager

Summary

Join Accretive Technology Group as their Enterprise Security Manager, leading the development and execution of security initiatives across various environments. You will build and manage a high-performing security team, define and implement the security program, and ensure compliance with standards like PCI-DSS. This role involves strategic planning and technical execution, requiring a broad understanding of modern security challenges. You will collaborate with stakeholders, design a long-term roadmap, and protect the integrity of systems and services. The position offers a hybrid of remote and on-site work options, with a competitive salary and benefits package.

Requirements

• Proven experience in information security, including leadership or management of technical teams
• Proven success building or scaling security programs in distributed, high-growth environments
• Deep understanding of secure systems and network architecture in production and enterprise environments
• Experience with both cloud and on-prem infrastructure security, endpoint protection, and secure SDLC
• Proficiency with scripting or development languages (Python, Go, Bash, etc.) and a strong belief in automation wherever possible
• Familiarity with compliance frameworks like PCI-DSS, SOC 2, and GAAP-aligned IT controls
• Strong communicator — clear, confident, and effective across technical and non-technical audiences
• Hands-on familiarity with security tools such as CrowdStrike, Wiz, ELK, Wazuh, Falco, Prometheus, Grafana, or similar platforms

Responsibilities

• Build and lead a small, high-performing security team — hiring, mentoring, and developing engineers and analysts
• Define and drive the vision, roadmap, and execution of our security program across enterprise, development, and production environments
• Lead vulnerability management efforts, including internal/external scans, real-time monitoring, bug bounty programs, and vulnerability disclosure (VDP)
• Design and implement tooling — including SIEM, SOAR, EDR, IDS, and logging platforms — to ensure visibility, threat detection, and automated response
• Monitor evolving threat landscapes, lead incident response protocols, and develop systems for proactive risk management
• Guide secure development efforts and partner with engineering teams on remediation strategies
• Serve as the primary point of contact for PCI-DSS compliance, including oversight of scanning, remediation, and certification. Ensure the team maintains active PCI-ISA credentials
• Lead audit readiness and evidence preparation for SOC 2, GAAP, and other regulatory IT audits, including control design and remediation efforts
• Partner cross-functionally with infrastructure, development, IT, and compliance to embed security throughout the organization
• Represent the company in the broader security community — contributing to research, attending or speaking at conferences, and helping elevate the team’s visibility
• Foster continuous learning by supporting training, certifications, and conference attendance for security team members
• Develop and communicate clear risk metrics, KPIs, and reports to leadership and stakeholders

Preferred Qualifications

• Have given talks or published research at security conferences like DEFCON, Black Hat, ToorCon, etc
• Have experience with large-scale networking (BGP), DDoS mitigation, and globally distributed systems
• Enjoy analyzing high-volume log data and surfacing actionable insights
• Have participated in CTFs, red team exercises, or collegiate cyber competitions
• Are active in bug bounty programs — send us your profile!
• Have deep knowledge of Linux internals, eBPF, WAF evasion, packet analysis, and related domains
• Have familiarity with Microsoft enterprise environments (Windows, Azure, and compliance considerations)
• Hold certifications such as OSCP, OSCE, or similar (a plus, not required)
• Earned a degree in a STEM or engineering discipline (also not required — skill matters most)

Benefits

• Employer-paid Medical, Dental, and Vision benefits
• Life & Disability Insurance Coverage
• Health Care FSA
• Daycare FSA
• 401(k) with a 50% contribution match (no limit)
• Generous Vacation and PTO plan
• Paid Holidays
• Semi-Annual Profit Sharing
• Gym/Equivalent Exercise Program Reimbursement
• $175 transportation Reimbursement ($100 of this may be used for home internet for remote and hybrid employees)
• Dedicated annual budget for training, certifications, and conference attendance
• Flexible remote work (with the option to work from our Seattle HQ)
• High ownership and impact — help build a world-class security program from the ground up