Manager, Security Engineering

The Trade Desk is a global technology company and the world’s leading independent platform for digital advertising, with nearly 4,000 employees across more than 30 offices. Our technology helps advertisers reach the right audiences across the open internet — from streaming TV and podcasts to mobile apps, news, and more. Advertising powers the content people love. By making it more transparent, effective, and responsible, we help support trusted journalism, quality entertainment, and creators worldwide. The world’s brands and agencies rely on us to reach their customers and grow their businesses responsibly. The scale of our platform brings unique technical challenges — from processing massive datasets in real time to building systems that operate reliably on a global scale. When you work here, your impact is worldwide. We welcome diverse perspectives, encourage curiosity, and build teams that learn from one another. If you’re driven to solve meaningful challenges, we’d love to meet you. The Trade Desk operates one of the largest and most performant programmatic advertising platforms in the world. The security of our customers’ data, the trust of our partners, and the velocity of our engineering teams all hinge on the strength of our application and platform security programs. As our security posture continues to mature, we are investing in the leadership required to drive that maturity forward. We are looking for a Manager, Security Engineering to join our Cybersecurity Department. This person will lead a combined team of Application Security and Platform Security engineers, with end-to-end ownership of how TTD secures both the code we ship and the infrastructure we run it on. Reporting within the Cybersecurity organization, this leader will contribute to the strategy, roadmap, and execution of TTD’s Security Engineering function — including the KPIs, maturity model, and executive-level reporting that demonstrate measurable improvement in our overall security posture over time. The right candidate brings deep application and platform security expertise, a track record of building and developing high-performing teams, a strong bias to action, and the ability to translate technical risk into business outcomes for engineering leaders, product leaders, and executives. Beyond the technical and program experience, we are looking for a leader with the human qualities that make a security team effective. You lead with integrity, communicate clearly, and bring empathy to your team, the engineers we partner with, and the customers whose trust we hold. You are deeply curious about how systems work and how they break, and you pair that curiosity with a strong bias to action and ownership of outcomes. You stay calm under pressure, and you approach feedback — both giving and receiving it — with humility and a willingness to grow. Security is a team sport, and the right leader sets that tone every day. What You'll Do: Lead, grow, mentor, and develop a combined team of Application Security and Platform Security engineers; drive performance, growth, and retention across the function. Own and evolve The Trade Desk’s Security Engineering strategy, roadmap, and maturity model across both application and platform domains; define and report KPIs that demonstrate measurable improvement in security posture to senior leadership. Ensure consistency and alignment across application and platform security controls — driving unified standards, shared tooling, and integrated posture outcomes for the enterprise. Drive shift-left integration of security into the SDLC in partnership with Engineering and Product — including threat modeling, secure design reviews, and the rollout and tuning of SAST, DAST, and SCA tooling. Mature TTD’s posture management capabilities across cloud and infrastructure — including CSPM, Infrastructure-as-Code scanning, hardening baselines, and configuration management. Mature TTD’s vulnerability management and remediation orchestration practices — including triage workflows, risk-based prioritization, SLA tracking, and integration with engineering workflows. Represent the Security Engineering function across the broader organization — Engineering, Product, Compliance, Security Response, and executive leadership — and influence roadmap decisions, resource allocation, and security investment priorities. Preferred Qualifications: We do not expect all applicants will have skills that match a job description exactly. We strongly encourage applicants with alternative experiences to also apply. We are especially interested in connecting if you have: 7+ years of experience in Information Security or Cybersecurity, with hands-on depth in Application Security and/or Platform/Cloud Security. 2+ years of experience leading and developing security engineering teams, including hiring, mentoring, performance management, and roadmap ownership. Experience driving a measurable security maturity program — defining KPIs, reporting to leadership, and demonstrating posture improvement over time. Experience building programs that apply industry-standard security best practices and reconcile them against business and engineering needs. Experience managing a security assessment program — including architecture reviews, secure design reviews, threat models, and code/configuration reviews across many product teams. Experience building security visibility and engagement programs (e.g., Security Champions, security awareness, training) that scale culture and coverage across the organization. Working knowledge of cloud security, Cloud Security Posture Management (CSPM), and Infrastructure-as-Code scanning across one or more major cloud platforms (AWS, GCP, or Azure). Strong understanding of secure software development and deployment practices, including common application security risks and mitigations (e.g., OWASP, CWE). Familiarity with common Information Security frameworks and standards such as MITRE ATT&CK, NIST, and ISO 27001/27002. Excellent written and verbal communication skills — able to translate technical risk into business outcomes for executive audiences and to communicate, influence, and manage expectations directly with engineering teams. Certifications such as CISSP, CSSLP, GWAPT, OSWE, or cloud security certifications (AWS, GCP, or Azure) are a plus. Knowledge of PII, PHI, financial data regulations, data residency requirements, and international regulatory aspects pertaining to sensitive information is a plus. Experience in ad tech, large-scale SaaS, or other high-throughput consumer/enterprise platforms is a plus. The Trade Desk does not accept unsolicited resumes from search firm recruiters. Fees will not be paid in the event a candidate submitted by a recruiter without an agreement in place is hired; such resumes will be deemed the sole property of The Trade Desk. The Trade Desk is an equal opportunity employer. All aspects of employment will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law.

• LA JOBS ONLY] The Trade Desk will consider qualified applicants with criminal histories for employment in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring, Ordinance No. 184652.
• SF JOBS ONLY] Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

In accordance with various US state laws, the range provided is the Trade Desk's reasonable estimate of the base compensation for this role. The actual amount may differ based on non-discriminatory factors such as experience, knowledge, skills, and location. All employees may be eligible to become The Trade Desk shareholders through eligibility for stock-based compensation grants, which are awarded to employees based on company and individual performance. The Trade Desk also offers other compensation depending on the role such as variable compensation-based incentives and commissions. Plus, expected benefits for this role include comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents, retirement benefits such as a 401k plan and company match, short and long-term disability coverage, basic life insurance, well-being benefits, reimbursement for certain tuition expenses, parental leave, sick time of 1 hour per 30 hours worked, vacation time for full-time employees up to 120 hours thru the first year and 160 hours thereafter, and around 13 paid holidays per year. Employees can also purchase The Trade Desk stock at a discount through The Trade Desk’s Employee Stock Purchase Plan. The Trade Desk also offers a competitive benefits package. Click here to learn more. Note: Interns are not eligible for variable incentive awards such as stock-based compensation, retirement plan, vacation, tuition reimbursement or parental leave At the Trade Desk, Base Salary is one part of our competitive total compensation and benefits package and is determined using a salary range. The base salary range for this role is

$124,900—$228,900 USD

As an Equal Opportunity Employer, The Trade Desk is committed to creating an inclusive hiring experience where everyone has the opportunity to thrive. Please reach out to us at accommodations@​thetradedesk.​com to request an accommodation or discuss any accessibility needs you may require to access our Company Website or navigate any part of the hiring process. When you contact us, please include your preferred contact details and specify the nature of your accommodation request or questions. Any information you share will be handled confidentially and will not impact our hiring decisions.