Engineering Manager, Security
2 weeks ago
Reporting to the Security Engineering Director, the Engineering Manager for Security Engineering will lead the Olo Security Blue Team and manage the security defenses that allow our systems to keep running while protecting the data of our clients and their customers.
You will help us fortify our defenses and protect the systems that allow people to order their food quickly and securely. If you are passionate about reducing risk while supporting innovation we encourage you to apply
You can work remotely from anywhere in the U.S. or at Olo's headquarters in NYC.
What You'll Do
- Guide and coach Olo's Blue Team on Information Protection, Incident Detection and Response and Service Delivery.
- You will recruit, develop, and scale a team of world-class security engineers, providing strategic and tactical oversight to the team and the program.
- Support a team of security engineers and analysts who hunt, detect, and respond to internal and external threats.
- Collaborate with customers and partners to strengthen their security posture.
- Drive ongoing optimizations by implementing new technologies, replacing technologies, addressing evolving threats, scaling practices and automating security activities.
- Ultimately, you will keep team and customer data secure by identifying and mitigating vulnerabilities and risks by providing actionable guidance to product teams.
Information Protection
Lead Olo's Information Protection program including the selection, testing, implementation and maintenance of security tools and services, security awareness, service provider management and the ongoing testing of those controlsOversee Vulnerability Management program including vulnerability assessments, risk scoring and vulnerability resolution.Oversee Threat Hunting program to detect and mitigate advanced threatsManage non-event-driven security reviews, including concept reviews, design reviews, patching, firewall rules, and system configuration checks.Apply Web application and API security principles and techniques, such as zero trust, RBAC, authentication, authorization, auditing, rate limiting, challenges, etc., to protect our cloud-based services from unauthorized access and abuseIncident Detection and Response
Oversee Incident Detection and Response program including ownership of incident response processes, tools and services and the ongoing continuous improvement of those controls.Coordinate the detection and response to attacks through all incident phases.Ensure incident reports are accurate, detailed and relevant.Monitor, detect, and remediate misconfigurations and security risks across our cloud environments. Participate in a 24/7 on-call rotation.Security Services
Oversee Security Services program including security support requests, risk assessments, vendor assessments, PCI and SOC audit support and service provider management.What We'll Expect From You
- 5+ years of Security Engineering, Security Operations or Security Architecture experience
- CISSP, GCIH or similar certification preferred
- Experience managing distributed teams consisting largely of remote engineers
- Experience complying with PCI-DSS and other compliance and regulatory standards
- Experience with attacker tactics, techniques and procedures
- Knowledge of information technology, evolving threats, attack patterns, incident response and cyber security standards.
- Experience developing and leading incident response, remediation and mitigation activities, and providing status updates and reports.
- Experience analyzing security events to discern events that qualify as a legitimate security incident as opposed to non-incidents (ie. incident investigation, implementing countermeasures, and conducting incident response).
- Deep understanding of operating system, networking and application concepts
- Experience hardening Windows, MacOS, Linux Containers and Kubernetes
- Familiarity with AWS security best practices and Infrastructure-as-Code
- Experience deploying and maintaining security technologies. (e.g. Access Proxies, API Gateway, Anti-Malware, Application Control, Cloud Security Posture, Data Leak Prevention, Data Mapping, Endpoint Detection & Response, Intrusion Detection System, File Integrity Monitoring, Firewalls, Mobile Device Management, Multi Factor Authentication, SIEM, Static Inspection, Vulnerability Assessment, Web Proxies, WAF and Zero Trust).
- Adept at working with internal Product & Engineering, Legal, People & Culture, Finance and GTM teams and external partners, auditors and customers
- Ability to work during critical incidents or to support coverage requirements
About Olo
Olo is the engine of hospitality powering the restaurant industry's digital transformation. As a leading open SaaS platform, we enable over 700 restaurant brands to jointly reach 85 million connected guests across approximately 80,000 locations. More than two million orders per day run on Olo's platform, allowing brands to maximize the convergence of digital and brick-and-mortar operations while raising the bar on hospitality. The result: brands do more with less and make every guest feel like a regular. With integrations to over 300 technology partners, our customers can build digital experiences with the largest and most flexible restaurant commerce ecosystem on the market. You have likely used Olo and not even known it Learn more at
We're remote-friendly. Since 2015, we have been evolving our culture to continue to support a more distributed workforce and now over 75% of our team works remotely across the U.S. If you're in the New York City area, you can choose to work remotely or from Olo's headquarters, located in Tribeca.
We offer great benefits, such as 20 days of paid time off, 10 separate sick days, 11 holidays plus year-end closure, fully paid health, dental and vision care premiums, a 401k match, remote-office stipend, company equity, a generous parental leave plan, volunteer time off, gift matching policy, and more
Our best estimate of the compensation range for this opportunity is $162k-230k annually depending on the experience you bring and your location. We look forward to discussing your salary expectations and our full total rewards offerings throughout the interview process.
We encourage you to apply
We value diversity. At Olo, we know a diverse and inclusive team makes our workplace better. Don't meet every single qualification in the job description? Market data shows that women and people of color are less likely to apply to jobs unless they meet every single qualification. We are dedicated to building a diverse, inclusive, and authentic workplace that is free from discrimination and harassment; this allows us to make better decisions and better serve the communities we're a part of. So if you're excited about this role but your previous experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.
All applicants receive consideration for employment. We do not discriminate on the basis of race, religion, color, national origin, gender identity, sexual orientation, pregnancy, age, marital status, veteran status, or disability status.
California Residents: CCPA notice
-
Security Engineer
2 weeks ago
New York, New York, United States Flow Traders Full timeFlow Traders is looking for a Security Engineer to join our growing Technology team in New York. The ideal candidate has hands on experience across the spectrum of cyber security tools and is comfortable working with an international team to manage day to day security operations and security projects. This is a unique opportunity to join a leading...
-
Security Engineer
4 weeks ago
New York, New York, United States Flow Traders Full timeFlow Traders is looking for a Security Engineer to join our growing Technology team in New York. The ideal candidate has hands on experience across the spectrum of cyber security tools and is comfortable working with an international team to manage day to day security operations and security projects. This is a unique opportunity to join a leading...
-
Principle Security Engineer
2 months ago
New York, New York, United States Motion Recruitment Full timeA financial startup in NYC is looking for a Principle Cybersecurity Engineer to help develop their cybersecurity program. The company has been going since 2021, and has developed a rewards program for renters in NYC by partnering with various financial companies. Their Head of Engineering has been handling cybersecurity with the help of an external service,...
-
Principle Security Engineer
2 weeks ago
New York, New York, United States Motion Recruitment Full timeA financial startup in NYC is looking for a Principle Cybersecurity Engineer to help develop their cybersecurity program. The company has been going since 2021, and has developed a rewards program for renters in NYC by partnering with various financial companies. Their Head of Engineering has been handling cybersecurity with the help of an external service,...
-
Application Security Engineer
2 months ago
New York, New York, United States OPT Nation Full timeIn this role you will work closely with development teams across platform engineering to ensure our applications are secure. We are looking for a skilled application security engineer to analyze software designs and implementations from a security perspective and identify and resolve security issues. You will perform security analysis and implement controls...
-
Application Security Engineer
2 weeks ago
New York, New York, United States OPT Nation Full timeIn this role you will work closely with development teams across platform engineering to ensure our applications are secure. We are looking for a skilled application security engineer to analyze software designs and implementations from a security perspective and identify and resolve security issues. You will perform security analysis and implement controls...
-
Network Security Engineer
2 weeks ago
New York, New York, United States Michael Page Full timeAbout Our Client The Network Security Engineer will work for a leading Financial Services firm in New York, NY and be on-site in a hybrid capacity. Job DescriptionResponsibilities: Install, configure, and test various security tools and technologies.Manage firewalls and rule bases to protect the network with minimal disruption.Collaborate with IT to design...
-
Network Security Engineer
2 weeks ago
New York, New York, United States Hudson River Trading LLC Full timeNetwork Security EngineerNew York, NYDeploy & maintain net sec perimeters & prods, & manage the full opt lifecycle to drive secure net strat. Build, manage, & monitor the secure net for glbl trading & rsrch infra. Design, test, & config IPSec & SSL VPNs. Decode & analyze net data utilizing tools such as tcpdump & Wireshark. Trblst net issues, incl Ethernet &...
-
Network Security Engineer
3 weeks ago
New York, New York, United States Hudson River Trading LLC Full timeNetwork Security EngineerNew York, NYDeploy & maintain net sec perimeters & prods, & manage the full opt lifecycle to drive secure net strat. Build, manage, & monitor the secure net for glbl trading & rsrch infra. Design, test, & config IPSec & SSL VPNs. Decode & analyze net data utilizing tools such as tcpdump & Wireshark. Trblst net issues, incl Ethernet &...
-
Channel Account Manager
1 week ago
New York, New York, United States Picus Security Full timeAre you passionate about technology and enjoy explaining complex solutions in a way that everybody gets excited? If so, read onAbout PicusPicus Security is a place where exceptional people gather to do their best work. We convert new ideas to exceptional solutions and great customer experiences. Bring passion and dedication to your job and there's no telling...
-
Apple Mac Infrastructure Security Engineer
3 weeks ago
New York, New York, United States Mitchell Martin Inc Full timeOur client, a global financial services firm and a market leader in securities, asset management and credit services, is seeking an Apple Mac Infrastructure Security EngineerLocation: New York, NYPosition Type: ContractJob Summary:An Apple Mac Infrastructure Security Engineer is required to work in the Enterprise Security Platforms (ESP) Endpoint Security...
-
Apple Mac Infrastructure Security Engineer
2 weeks ago
New York, New York, United States Mitchell Martin Inc Full timeOur client, a global financial services firm and a market leader in securities, asset management and credit services, is seeking an Apple Mac Infrastructure Security EngineerLocation: New York, NYPosition Type: ContractJob Summary:An Apple Mac Infrastructure Security Engineer is required to work in the Enterprise Security Platforms (ESP) Endpoint Security...
-
Product Security Engineer
3 weeks ago
New York, New York, United States Kustomer Full timeAbout KustomerKustomer is the industry leading conversational CRM platform perfecting every customer experience. Built with intelligent tools such as AI and Automation, no code-configuration and a connected data platform that unifies data from multiple sources through a single timeline, Kustomer empowers businesses to operate with greater efficiency and...
-
Product Security Engineer
2 weeks ago
New York, New York, United States Kustomer Full timeAbout KustomerKustomer is the industry leading conversational CRM platform perfecting every customer experience. Built with intelligent tools such as AI and Automation, no code-configuration and a connected data platform that unifies data from multiple sources through a single timeline, Kustomer empowers businesses to operate with greater efficiency and...
-
Senior Security Engineer, Application Security
2 months ago
New York, New York, United States Grow Therapy Full timeWhat You'll Be Doing:We are looking for a Senior Security Engineer to help us establish the Application Security vertical of Grow Therapy, and who will help build a secure product platform for Grow. You'll be the first hire in this area, and will report directly to our Head of Security Your responsibilities will include: Identify and implement improvements...
-
Security Sales Engineer
4 weeks ago
New York, New York, United States Motion Recruitment Full timeA successful startup offering a detection engineering platform is looking to onboard a Security Sales Engineer in the West Coast This is a great opportunity for an experienced SE to solve customer issues in the Sec Ops space.Required Skills & Experience:1+ years of Sales Engineering Background selling security analytics/SIEM toolsNice to Have:Hands on...
-
Security Sales Engineer
2 days ago
New York, New York, United States Motion Recruitment Full timeA successful startup offering a detection engineering platform is looking to onboard a Security Sales Engineer in the West Coast This is a great opportunity for an experienced SE to solve customer issues in the Sec Ops space.Required Skills & Experience:1+ years of Sales Engineering Background selling security analytics/SIEM toolsNice to Have:Hands on...
-
Senior Security Engineer, Application Security
2 months ago
New York, New York, United States tapwage Full timeAbout us:Grow Therapy is on a mission to serve as the trusted partner for therapists growing their practice, and patients accessing high-quality care. Powered by technology, we are a three-sided marketplace that empowers providers, augments insurance payors, and serves patients. Following the mass increase in depression and anxiety, the need for...
-
Senior Software Security Engineer
2 months ago
New York, New York, United States Motion Recruitment Full timeA marketing automation SaaS company is looking for a Senior Software Security Engineer to work with their development team. We're looking for someone who comes from a software development background and is also comfortable working with SDLC security tooling, like SAST and web app penetration testing tooling. You'll be helping to develop our application while...
-
Senior Software Security Engineer
2 weeks ago
New York, New York, United States Motion Recruitment Full timeA marketing automation SaaS company is looking for a Senior Software Security Engineer to work with their development team. We're looking for someone who comes from a software development background and is also comfortable working with SDLC security tooling, like SAST and web app penetration testing tooling. You'll be helping to develop our application while...