Acquia

Manager, Security Engineering

Acquia$120K — $150K *
US-AnywhereRemote in Canada
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience in security engineering management, particularly in application and cloud security.
  • Hands-on experience with SAST, DAST, and SCA tooling like Semgrep and Snyk.
  • Deep understanding of AWS security practices including IAM and container workloads.
  • Knowledge of AI security challenges, including OWASP LLM Top 10 and agentic AI vulnerabilities.
  • Strong grasp of compliance frameworks like ISO/SOC, PCI, and FedRAMP.
  • Exceptional communication skills for effective interaction with non-technical stakeholders.
  • Experience with AI-assisted security tools to enhance team productivity.

Responsibilities

  • Manage and mentor a team of security engineers to enhance their skills and career growth.
  • Define and execute a strategic roadmap for security engineering aligned with business objectives.
  • Translate complex risks into actionable tasks for the engineering team.
  • Champion security practices integrated into the software development lifecycle.
  • Lead proactive investigations into cloud-native security vulnerabilities.
  • Define and enforce cloud security standards across AWS environments.
  • Consult with Product Engineering teams on secure implementation practices.

Benefits

  • Competitive healthcare coverage.
  • Wellness programs to support physical and mental health.
  • Generous time-off policy allowing for flexible use.
  • Parental leave to support family growth.
  • Recognition programs to celebrate employee contributions.
Full Job Description
Role Overview

As the Manager of Security Engineering, you lead a specialized team of security engineers focused on application security, cloud security, and AI system security across Acquia's product portfolio. Operating on an evidence-based engineering model, your team proactively researches and identifies systemic security gaps to build automated controls and guardrails. By securing cloud-native applications and services across AWS, you enable Acquia's Product teams to inherit a "secure by default" foundation. You act as the critical nexus between Security Operations and Product Engineering, translating complex technical risks into actionable roadmaps that align with overarching business objectives-including the secure adoption of AI technologies.
Key Responsibilities
Team Leadership & People Management
  • Manage, mentor, and grow a dedicated team of security engineers.
  • Conduct continuous performance evaluations (quarterly and annually) to guide professional development and advocate for promotions.
Technical Strategy & Roadmap Execution
  • Define and execute a forward-looking security engineering roadmap aligned with Product Engineering needs and broader business initiatives, including the secure enablement of AI technologies.
  • Translate high-level business direction into actionable quarterly deliverables for the team.
  • Establish and measure team success against the completion of quarterly goals and the continuous improvement of annual compliance audit results.
Application Security & Secure SDLC
  • Champion shift-left security practices, including threat modeling, secure code review, and developer security training embedded in the software development lifecycle.
  • Own and scale application security tooling-SAST, DAST, and SCA platforms-to systematically surface and remediate vulnerabilities across product codebases.
  • Shift the security paradigm from manual operational cleanup to building automated solutions and guardrails that eliminate entire classes of vulnerabilities.
Evidence-Based Engineering & Cloud Security Architecture
  • Lead "research spikes" to proactively investigate cloud-native environments and identify systemic security gaps before they become incidents.
  • Ensure all security initiatives are rooted in clear findings and deliver exact, architectural fixes (code or configuration) to resolve them.
  • Define and enforce cloud security standards spanning IAM, API security, secrets management, and container workloads across AWS environments.
Agentic AI & LLM Security
  • Define and enforce security standards for internal enterprise AI systems, including LLM-based agents, RAG pipelines, and AI-integrated workflows-covering risks such as prompt injection, data exfiltration, and privilege escalation.
  • Lead threat modeling for agentic AI systems where models have access to tools, APIs, or sensitive data.
  • Partner with AI/ML engineering teams to embed security review into AI development lifecycles, from model selection through deployment.
  • Evaluate and deploy AI-native security tooling to augment the team's detection, triage, and remediation capacity.
Cross-Functional Collaboration & Influence
  • Act as an internal consultant and advisory body to Product Engineering teams, guiding them on secure implementation practices.
  • Communicate complex, highly technical security risks effectively to non-technical project managers and stakeholders.
  • Influence and negotiate with software developers to prioritize and remediate vulnerabilities within their workflows.
  • Serve as the primary technical bridge between Product Engineering and Security Operations, providing guidance on cloud and Kubernetes security configurations.
Qualifications & Technical Requirements
  • Application Security: Hands-on experience with SAST, DAST, and SCA tooling (e.g., Semgrep, Snyk, Veracode, or equivalents) and guiding engineering teams on remediation.
  • Cloud Security: Deep understanding of securing cloud-native applications and services on AWS, including IAM, API Gateway, secrets management, and container workloads.
  • AI Security: Working knowledge of OWASP LLM Top 10, agentic AI attack surfaces (tool abuse, prompt injection, memory poisoning), and security considerations for AI systems with external integrations.
  • AI Tooling: Experience using AI-assisted security tools-such as AI-powered SAST, copilot-assisted code review, or agentic vulnerability triage-to scale team output.
  • Compliance Acumen: Strong working knowledge of the technical implications of operating within strict compliance frameworks, including ISO/SOC, PCI, and FedRAMP.
  • Communication Skills: Exceptional ability to translate highly technical concepts for non-technical stakeholders and the interpersonal skills required to influence engineering teams without direct reporting authority.

We are an organization that embraces innovation and the potential of AI to enhance our processes and improve our work. We are always looking for individuals who are open to learning new technologies and collaborating with AI tools to achieve our goals.

Acquia is proud to provide best-in-class benefits to help our employees and their families maintain a healthy body and mind. Core Benefits include: competitive healthcare coverage, wellness programs, take it when you need it time off, parental leave, recognition programs, and much more!

We are seeking an AI-Native candidate who treats AI not as an external tool, but as a fundamental extension of their cognitive workflow. The ideal candidate possesses an orchestration mindset-the ability to skillfully prompt, manage, and direct AI to navigate complexity-and maintains a high degree of AI fluency.

You should be characterized by radical adaptability and a "builder" mentality, showing a restless drive to transform traditional work processes into agentic workflows. Beyond technical proficiency, we value intellectual humility: the willingness to constantly unlearn old methods in favor of more efficient, AI-augmented processes. You don't just use AI to do your job; you use it to redefine what your job can achieve.

About Acquia

Acquia is a software company that provides cloud-based digital experience management solutions. The company was founded in 2007 and is headquartered in Boston, Massachusetts. Acquia's products and services include content management, digital asset management, personalization, and commerce. The company serves a wide range of industries, including healthcare, government, and higher education. Acquia is committed to open source technology and is a major contributor to the Drupal content management system. The company has received numerous awards for its innovative products and services.
Learn more about Acquia
Size
1,000 employees
Industry
Founded
2007

Similar Jobs

More Jobs at Acquia

More Information Technology Jobs

Find similar Manager, Security Engineering jobs: