About the role
Shopify receives millions of unique visitors each month and serves billions of requests per day. The Security and Trust Team at Shopify protects over 1 million merchants and their businesses by ensuring that Shopify is one of the most secure and trustworthy commerce platforms on the planet.
As a Security Engineering Program Manager, you'll be a part of a highly adaptable team embedded in Engineering with the autonomy to discover, analyse and solve security issues in Shopify’s products and platform.
Resourcefulness is key - you’ll need to quickly gather context on our infrastructure, systems, software and safeguards to help Shopify continue shipping and scaling while staying secure, trustworthy and usable. If you want to take the lead on work that impacts Shopify’s most dynamic and innovative initiatives, and you genuinely enjoy tackling complex security problems at scale, we have a role for you!
Here’s what you can expect from the role - an opportunity to:
Dive deep into a new product or initiative to surface and analyse its impact on security
Work with multidisciplinary teams to strengthen our products and services throughout their lifecycles - before, during, and after they ship
Use data to better inform security and trust decisions at scale
Use threat modelling to explore the risks and mitigations in technical systems
Anticipate changes in our trust and security posture as our technical footprint and company processes change, and help propose solutions to adapt
Help us build and scale our security engineering programs and roadmaps
Interested in applying? You should have experience with one or more of the following (don’t stress, we are not expecting experience in all of the following!):
Analysing technical designs to surface trust and security intersections
Drawing connections between technical documentation, source code, data sources and other repositories of information to build up context and understanding
Working on security or engineering problems
Driving adoption of security services across many engineering teams, with emphasis on self service.
Identifying, tracking and remediating areas of security risk - while adapting to rapid change
Translating technical jargon and complicated concepts into something simple, accurate and understandable
Building and maintaining technical, security and financial compliance programs, such as PCI and SOC 2 (PCI or SOC 2 experience is a Bonus!)
At Shopify, we are committed to building and fostering an environment where our employees feel included, valued, and heard. Our belief is that a strong commitment to diversity and inclusion enables us to truly make commerce better for everyone. We strongly encourage applications from Indigenous peoples, racialized people, people with disabilities, people from gender and sexually diverse communities and/or people with intersectional identities. Please take a look at our 2020 Sustainability Report to learn more about Shopify's commitments.
How we hire
Not what you’re looking for?Check out these similar roles.
|Senior Application Security Engineer (EST)||Trust and Security||Americas|
|Recovery Specialist||Trust and Security||Americas|
|Infrastructure Security Engineer||Trust and Security||Americas|
|Infrastructure Security Engineering/Development Manager (Remote, Americas)||Trust and Security||Americas|
|Staff Infrastructure Engineer (Remote, Americas)||Trust and Security||Americas|
|Senior Manager, Security Culture Awareness & Education||Trust and Security||Americas|
|Senior Manager, Security Culture Awareness and Education||Trust and Security||
Seattle, United States
|Vulnerability Management, Technical Security Analyst||Trust and Security||Americas|