Senior Engineering Manager, Product Security Engineering (Paved Paths)

GitHub is changing how the world builds secure software and we want you to help change the way we secure GitHub. We’re looking for a Senior Engineering Manager for our Product Security Paved Paths team. GitHub is a remote-first company and the team is geographically distributed across North America. This means you could either work from home like most of our Hubbers or in one of our offices in select cities!

The Product Security Paved Paths team creates and adapts high-impact libraries, foundations, and tools that allow our developers to move faster by eliminating whole categories of security risk. Utilizing modern web standards and knowledge of GitHub’s tech stack, the team creates intuitive, self-serve experiences for both GitHub and the world's developers. 

To get specific, here are some examples of the work driven by the Product Security Paved Paths team:

• Improving ActiveRecord::Encryption to allow for per-column derived keys and robust key rotation

• Evolving github.com’s best-in-class Content Security Policy

• Implementing new and emerging web security standards, such as Trusted Types at scale

• Open sourcing and upstreaming security improvements into community libraries such as Ruby on Rails

• Encouraging and enabling the adoption of paved paths both internally and externally in both written and verbal formats such as open source/inner-source contributions, blog posts, social media, and static analysis to prompt for usage

The primary goal of this job is to enable every team member to do the best work of their life. As an engineering manager, you will lead a group of highly technical development-focused security engineers, advocate for them, guide technical discussions, work to hire a diverse group of incredibly talented people, and ship impactful new security capabilities to GitHub’s engineering teams.

If you have a foundation in software engineering, an interest in security engineering, enjoy supporting humans across all experience levels, and fancy helping to build and manage a world-class security team, then this might be the gig for you.

Some of the outcomes we hope you will drive and norms we hope you’ll maintain:

• Team members feel fulfilled and like they can bring their authentic selves to work
• Your team of talented and motivated Hubbers is supported in their career by prioritizing weekly team syncs, consistent 1:1s, individual development planning, and performance reviews
• The team is supported in technical leadership and has an established culture of mentorship, pairing, and code reviews to encourage the growth of others
• Security improvements are shipped early and often to our products and engineering teams to help ensure that they are serving the needs of our developers and customers in a way proportionate to our investment in them
• The team uses a data-informed approach to deciding on new projects, and operates like an embedded product team within Product Security, focusing our internal engineering teams as our customer.
• Leadership and teams across security and engineering have a clear understanding of the direction and progress of the team’s projects and the reasoning behind the decisions made for these projects

We value collaboration, empathy, quality, positive impact, and shipping. You will excel when the way you work reflects these values. We want you to enable every team member to feel fulfilled by their work, and we'll partner to provide the same to you.

In this position, you will work closely with the Senior Director of Product Security Engineering. You will also be part of a community dedicated to making a positive impact at work and, more broadly, with GitHub at the center of the software ecosystem.

Minimum Qualifications:

• 2+ years of experience leading software engineering teams
• Experience building and maintaining services or libraries with large scale of usage either externally or within an organization
• Familiarity with modern software development practices used to build and deploy web or other server applications

Preferred Qualifications:

• Passionate about fostering good engineering practices and processes
• Experience developing a strategy and roadmap for your teams
• Experience with hiring and growing teams
• A high comfort level with asynchronous work environments
• Proven written and verbal communication skills and ability to understand the value and drivers behind adjusting style and tone for a given audience, including technical and non-technical peers and leaders across the company

You may be a good fit if:

• You love coaching, mentoring, sponsorship, and helping others improve.
• You are tenacious, highly organized, and laser-focused when working toward a goal.
• Your decisions are inclusive and timely.
• You have participated in developing and implementing appropriate and effective controls to mitigate identified security threats and risks.
• You have worked either within or with engineers in the security/product security space.

Minimum salary of $104,400 to maximum $276,900. 

These pay ranges are intended to cover roles based across the United States.  An individual's base pay depends on various factors including geographical location and review of experience, knowledge, skills, abilities of the applicant. At GitHub certain roles are eligible for benefits and additional rewards, including annual bonus and stock. These rewards are allocated based on individual impact in role. In addition, certain roles also have the opportunity to earn sales incentives based on revenue or utilization, depending on the terms of the plan and the employee's role. 

Location: In this role, you can work remotely from anywhere in the United States or onsite in one of GitHub’s U.S. offices (San Francisco, Bellevue, Raleigh)

#LI-Remote