Job Description
WHO WE ARE π
We help creators get more out of every conversation with Instagram-focused automations and support for other channels like Instagram, Facebook Messenger, WhatsApp, and TikTok. The result? Better engagement, more sales, and real, sustainable growth.
With a diverse team of 400+ people spread across three continents, weβre building the leading Chat Marketing platform that is used β and loved β by more than 1.5 million customers worldwide.
WHO WE'RE LOOKING FOR π
We're looking for a Cyber Security Lead β a technical security leader who can both run a team and stay hands-on. This role owns the full technical security operations function at Manychat: Application Security, Infrastructure Security, and Endpoint Security.
You'll manage a team of security engineers, define the operational roadmap across these three domains. Reporting to the Head of Security, you'll be a key player in keeping our infrastructure and product protected and resilient.
WHAT YOU'LL DO π
- Lead and grow a team of AppSec, Infra Sec, and Endpoint Security engineers (currently 3 engineers).
- Own the end-to-end security operations function: detection, monitoring, incident response, and remediation across cloud, application, and endpoint layers.
- Define and execute operational roadmaps for Application Security, Infrastructure Security, and Endpoint/Office Security.
- Drive adoption and administration of security tooling: EDR, SIEM, DAST/SAST, WAF, VPN, DNS security, and Okta.
- Oversee cloud security posture across AWS environments.
- Run and coordinate security incident investigations: root cause analysis, containment, remediation, and post-mortems.
- Partner with Infrastructure, IT Operations, and Engineering teams to implement and improve security controls.
- Maintain security documentation: runbooks, configurations, playbooks, and operational procedures.
- Support compliance requirements (SOC 2, ISO 27001) from the technical security side.
- Represent cyber operations in cross-functional initiatives and contribute to strategic planning with the Head of Security.
TO SHINE IN THIS ROLE π₯
You'll need:
- 7+ years in technical security roles across AppSec, Infra Sec, or Endpoint Security.
- 3+ years in a lead or management role with direct reports.
- Experience with developer security tooling: SAST, SCA, secrets scanning, and DAST integration into CI/CD pipelines.
- Hands-on experience operating and administering security tooling: EDR, SIEM, DAST/SAST, WAF, VPN, and DNS security platforms.
- Strong AWS cloud security knowledge: IAM/SSO, Security Hub, GuardDuty, CloudTrail, and AWS Config.
- Solid understanding of application security fundamentals: OWASP Top 10, SDLC security integration, and threat modelling.
- Experience with endpoint security: macOS and Windows hardening, MDM (Jamf or Microsoft Intune).
- Ability to lead security incident response: coordinating teams, driving root cause analysis, and communicating findings clearly.
- Strong communication skills β able to translate security risk into business terms for non-technical stakeholders.
- Fluent English communication skills, both written and verbal.
It would be great if you have:
- Experience operating within SOC 2 and/or ISO 27001 compliance frameworks in a SaaS environment.
- Experience managing identity and access using Okta or a comparable IAM platform.
- Background in detection engineering and SIEM log analysis.
- Digital forensics experience.
WHAT WE OFFER π€
We care deeply about your growth, well-being, and comfort:
- π Hybrid onboarding to start work remotely and relocation support for you and your family.
- π Comprehensive health insurance for both you and your family.
- π Professional development budget for conference tickets, online courses, and other relevant resources to help you grow.
- π«Ά Flexible benefits package to tailor perks that matter most for you.
- πͺ΄ Hybrid work and generous leave options to prioritize your work-life balance.
- π½οΈ In-office perks, including free meals and snacks.
- π€ Company-funded sport activities, annual offsites and team-building events.
Manychat is an Equal Opportunity Employer. We're committed to building a diverse and inclusive team. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual preference, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance.
This commitment is also reflected through our candidate experience. If you have individual needs that may require an accommodation during the interview process, please indicate this in your application. We will do our best to provide assistance throughout your interview process to ensure you're set up for success.
With my application, I accept the Manychat Privacy Policy.