Senior Manager, Information Security

What you’ll do

As a core technical leader, you will move from strategy to architecture to implementation, owning the results and impacts for the following operational areas:

Security Management

• Manage and lead critical security initiatives, new processes, security scrums, and technical demos to expand and mature capabilities for the organization.
• Identify, track, and monitor internal and external assets to systematically uncover and mitigate potential risks.
• Communicate identified risks clearly to internal and external stakeholders and build actionable containment plans.
• Research, evaluate, and manage the security and compliance of vendor and open-source tools with internal standards.
• Collaborate across internal and external teams to address customer security questionnaires, manage compliance audits, and represent Pindrop's security posture.
• Oversee enterprise security awareness programs and phishing simulation campaigns to drive continuous security maturity.

GenAI Security

• Define, architect, and own the overarching GenAI security frameworks, policies, standards, governance, and monitoring workflows.
• Manage security engineering for internal and customer-facing GenAI systems, ensuring secure integrations across CI/CD pipelines, LLMs, RAG models, autonomous agents, and APIs.
• Design, deploy, and improve technical controls for access management, data protection, prompt injection defense, model misuse, and model-related threats.
• Conduct exhaustive threat modeling, secure design reviews, access certifications, and security assessments.
• Build, guide, and deploy custom security tooling, automation frameworks, and secure development practices for AI and product engineering teams.
• Establish real-time threat monitoring and lead responses for AI-specific and traditional infrastructure security threats.

SecOps & Incident Response

• Lead end-to-end incident response operations, including technical investigation, containment, remediation, and post-incident root cause analysis.
• Coordinate enterprise vulnerability management lifecycles, driving identification, risk-based prioritization, remediation tracking, and cross-functional partnerships with engineering.
• Support core security operations, including security alert response queues and cross-functional security coordination.
• Review past security incidents to identify malicious attack trends, utilizing findings to fine-tune and reconfigure logging alerts to improve true-positive detection accuracy.

Who you are

• You are a Hands-On Leader: A practical, technical engineer at heart.