Security Engineering Manager

Job Description:

Overview:

We don't simply hire employees. We invest in them. When you work at Chatham, we empower you - offering professional development opportunities to help you grow in your career, no matter if you've been here for five months or 15 years. Chatham has worked hard to create a distinct work environment that values people, teamwork, integrity, and client service. You will have immediate opportunities to partner with talented subject matter experts, work on complex projects, and contribute to the value Chatham delivers every day.

We are seeking a Security Engineering Manager to lead and evolve our security engineering function within a growing financial risk and advisory SaaS business. This role is ideal for an engineering-first leader who thrives in a hands-on environment and is motivated to build, scale, and mature security capabilities in a cloud-native platform.

You will lead a small but growing team, while remaining deeply technical-designing and implementing security controls across cloud infrastructure, applications, and CI/CD pipelines. You will play a critical role in strengthening our security posture, ensuring compliance with SOC 2 requirements, and enabling engineering teams to build securely at scale.

What You'll Do

• Lead and grow the Security Engineering function, starting as a player-coach and scaling the team over time

• Design, build, and implement security controls across Azure-based cloud infrastructure, containerized environments, and .NET applications

• Establish and mature cloud security and application security practices, including secure architecture patterns and threat modeling

• Secure the software development lifecycle (SDLC) by integrating security into CI/CD pipelines and developer workflows

• Own and manage third-party penetration testing, including vendor coordination, scope definition, and remediation tracking

• Develop and deliver secure coding training and guidance to engineering teams, driving adoption of best practices

• Build and maintain auditable security controls aligned with SOC 2 requirements,partner closely with internal stakeholders and external auditors

• Collaborate cross-functionally with Engineering, DevOps, and Compliance to embed security into the development and delivery process

• Evaluate, implement, and operate security tooling, with a focus on automation and scalability (shifting from building to optimizing over time)

• Implement and manage cloud security scanning and posture management, including continuous monitoring for misconfigurations, vulnerabilities, and drift across Azure environments

• Identify and address emerging risks related to AI/LLM usage, including vulnerability management, secure integration practices, and guidance for engineering teams adopting AI capabilities

• Remain hands-on-able to dive into technical challenges, review architecture, and contribute directly when needed

What Success Looks Like (First 12 Months)

• Strengthened and matured cloud and application security practices across the organization

• Implemented robust policy scanningand vulnerability management practices

• Implemented effective security controls within CI/CD pipelines and development workflows

• Established and maintained robust, auditable controls aligned to SOC 2 requirements

What You Bring

• 7+ years of experience in security engineering, with a strong foundation in software or cloud engineering

• Proven experience leading or mentoring engineers, with a desire to build and scale a team

• Deep hands-on expertise in cloud security (Azure required; AWS familiarity preferred)

• Experience securing modern application stacks, including .NET applications and containerized environments

• Strong understanding of application security principles, including secure coding practices, threat modeling, and common vulnerabilities (OWASP Top 10)

• Experience integrating security into CI/CD pipelines and developer tooling

• Familiarity with SOC 2 controls, including designing and implementing auditable technical controls and working with auditors

• Experience managing or working with third-party penetration testing vendors

• Strong problem-solving skills with the ability to operate both strategically and tactically

• Experience with security tooling such as SAST, DAST, container scanning, and cloud security posture management (CSPM)

• Excellent collaboration and communication skills, particularly in working with engineering teams

For Denver based candidates, the compensation range for the position is expected to be between $155,000 and $180,000 annually. Total compensation, including base pay, discretionary individual bonus and company bonus, may be higher than range listed, depending on applicant's skills, qualifications, and experience. Benefits include health insurance, life and disability insurance, 401k, EAP, paid holidays and paid time off.

About Chatham Financial:

Chatham Financial is the leading independent capital markets advisor, delivering an integrated blend of expert advice and powerful technology to help you reduce risk and seize opportunity. With decades of capital markets strategy, execution, monitoring, and performance expertise, we serve as an unwavering advocate for your best interests and your innovation partner. Our technology platform unifies data across assets, debt, and derivatives, giving you unmatched agility, transparency, and insight.

It's clear ahead.

Our commitment is to carry that light forward in every partnership, every solution, and every market we serve.

We help guide the way-giving clients the insight and momentum to move forward with confidence, no matter what lies ahead.