Engineering Manager, Product Security

Klaviyo is seeking a Product Security Engineering Manager to lead our Product Security team within the Security and Trust organization. This role will support the deployment of secure applications, cater to security-aware customers, and develop internal tools for the Security Operations team to enhance monitoring and respond to security events.

The Product Security Engineering Manager will collaborate with engineering teams across Klaviyo to develop and integrate security solutions within the applications (customer facing and back end), champion and lead the development of secure code libraries, and identify opportunities to improve the Security Operations workflows.

Managerial responsibilities include:

• Create roadmaps for Product Security goals to reduce risk across the platform. OWASP top 10, Secure Code Best Practices, CIS Benchmarks are all used to measure success within Klaviyo.
• Lead a team of engineers to build security centric customer facing features within the product.
• Collaborate with Product, Engineering, Design, Legal, (and other) teams to develop and deploy impactful solutions.
• Mentor engineers and support team members in their technical development and career growth.
• Manage workloads to maintain a balance between high productivity and a healthy work life balance.
• Monitor team performance and provide continuous feedback and conducting regular employee reviews.

Technical responsibilities include:

• Oversight and development of secure code architectures and patterns that enable Klaviyo to efficiently and securely perform transactions on the platform.
• Reduce the reliance on legacy data access patterns by consolidating functionality into centralized, secure libraries.
• Understand core 3rd party solutions such as Django and React; take advantage of new security features within our code base when they are released.
• Work side by side with other Security Operations team members to assist with Detection and Response, Offensive Security, and Infrastructure hardening.
• Hands on implementation of architecture designs and library development within our code base.
• Leverage existing tooling to their fullest ensuring the teams take full advantage of our security investments.

If you are an experienced Product Security Engineer with prior team leadership and/or managed other Product Security Engineers, have a passion for mentoring and sharing your knowledge to team members, have experience with large scale web applications that process billions of transactions across multiple technologies this may be the role for you.

Requirements:

• Prior leadership experience
• 8+ years developing secure code libraries (preferably in Python)

• Have experience with the following or similar technologies

  • Python, Django, Nginx, React
  • MySQL, RabbitMQ, Redis
  • Amazon Web Services (EC2, RDS, Aurora, etc.)
  • Terraform, Packer, Jenkins, Kubernetes