Cyber Security Lead
We're looking for a Cyber Security Lead — a technical security leader who can both run a team and stay hands-on. This role owns the full technical security operations function at Manychat: Application Security, Infrastructure Security, and Endpoint Security.
You'll manage a team of security engineers and define the operational roadmap across these three domains. Reporting to the Head of Security, you'll be a key player in keeping our infrastructure and product protected and resilient.
WHAT YOU'LL DO 🚀
Lead and grow a team of AppSec, Infra Sec, and Endpoint Security engineers (currently 3 engineers).
Own the end-to-end security operations function: detection, monitoring, incident response, and remediation across cloud, application, and endpoint layers.
Define and execute operational roadmaps for Application Security, Infrastructure Security, and Endpoint/Office Security.
Drive adoption and administration of security tooling: EDR, SIEM, DAST/SAST, WAF, VPN, DNS security, and Okta.
Oversee cloud security posture across AWS environments.
Run and coordinate security incident investigations: root cause analysis, containment, remediation, and post-mortems.
Partner with Infrastructure, IT Operations, and Engineering teams to implement and improve security controls.
Maintain security documentation: runbooks, configurations, playbooks, and operational procedures.
Support compliance requirements (SOC 2, ISO 27001) from the technical security side.
Represent cyber operations in cross-functional initiatives and contribute to strategic planning with the Head of Security.
TO SHINE IN THIS ROLE 💥
You'll need:
7+ years in technical security roles across AppSec, Infra Sec, or Endpoint Security.
3+ years in a lead or management role with direct reports.
Experience with developer security tooling: SAST, SCA, secrets scanning, and DAST integration into CI/CD pipelines.
Hands-on experience operating and administering security tooling: EDR, SIEM, DAST/SAST, WAF, VPN, and DNS security platforms.
Strong AWS cloud security knowledge: IAM/SSO, Security Hub, GuardDuty, CloudTrail, and AWS Config.
Solid understanding of application security fundamentals: OWASP Top 10, SDLC security integration, and threat modelling.
Experience with endpoint security: macOS and Windows hardening, MDM (Jamf or Microsoft Intune).
Ability to lead security incident response: coordinating teams, driving root cause analysis, and communicating findings clearly.
Strong communication skills — able to translate security risk into business terms for non-technical stakeholders.
Fluent English communication skills, both written and verbal.
It would be great if you have:
Experience operating within SOC 2 and/or ISO 27001 compliance frameworks in a SaaS environment.
Experience managing identity and access using Okta or a comparable IAM platform.
Background in detection engineering and SIEM log analysis.
Digital forensics experience.
WHAT WE OFFER 🤗
We care deeply about your growth, well-being, and comfort:
🌍 Hybrid onboarding to start work remotely and relocation support for you and your family.
💙 Comprehensive health insurance for both you and your family.
📚 Professional development budget for conference tickets, online courses, and other relevant resources to help you grow.
🫶 Flexible benefits package to tailor perks that matter most for you.
🪴 Hybrid work and generous leave options to prioritize your work-life balance.
🍽️ In-office perks, including free meals and snacks.
🤝 Company-funded sport activities, annual offsites and team-building events.