Product Security Operations Engineering Manager

MathWorks has a hybrid work model that enables staff members to split their time between office and home. The hybrid model provides the advantage of having both in-person time with colleagues and flexible at-home life optimizations. Learn More:

As the Product Security Operations Engineering Manager, you will lead a team of skilled engineers dedicated to managing security incidents, addressing high-profile vulnerabilities, and enhancing the secure development of our products and services. In this role, you will drive high-impact projects, collaborate with global cross-functional teams, and champion the integration of robust software security practices across our development organization. The ideal candidate will possess a strong background in operational security, expertise in automation engineering, proven leadership abilities, and a successful track record of managing security-focused teams.

MathWorks nurtures growth, appreciates diversity, encourages initiative, values teamwork, shares success, and rewards excellence.

• Team Leadership and Strategy: Lead, mentor, and develop a high-performing security operations engineering team. Assign and oversee tasks and responsibilities, perform resource allocation and workload balancing, and serve as the go-to person for technical and procedural questions. Set strategic goals, manage priorities, drive impactful results, conduct performance reviews, and foster a culture of continuous improvement and collaboration.
• Secure Development: Participate in threat modeling and security reviews of new products and features with security impact. Interact with global development teams to ensure timely remediation of security issues in line with best practices. Define, develop, and enforce security Service Level Objectives. Influence and facilitate the adoption of security policies, standards, and processes across the product development organization, and provide recommendations to senior management for organization-wide adoption.
• Security Operations Management: Monitor and respond to vulnerability intelligence—including sources such as Recorded Future, bug bounty programs, and internal escalations. Oversee the triage (assessment, classification, and prioritization) of incoming security issues across multiple applications and manage the security event lifecycle. Serve as the senior incident manager for significant security events and develop and refine incident response playbooks.

• Security Engineering and Automation: Drive the architecture, implementation, and optimization of security tools. Lead the automation of vulnerability management, incident response procedures, data collection, and routine security tasks to enhance response times and team efficiency.

• Proven experience with operational management in diverse environments

• Leadership experience in overseeing high-performing teams in a highly collaborative environment
• Ability to collaborate with large, distributed engineering teams to contextualize and prioritize vulnerabilities based on business impact and threat intelligence
• Strong understanding of the vulnerability management tool stack, including SAST, DAST, container scanning, dependency scanning, and infrastructure scanning tools (e.g., SonarQube, SemGrep, Burp, Black Duck, JFrog Xray, Wiz, etc.)
• Deep knowledge of application, cloud, network, and operating system security
• Knowledge of vulnerability scoring systems (CVSS/CMSS)
• Proficiency in scripting (PowerShell, Python); relevant certifications (e.g., CISSP, Security+) are preferred
• Excellent communication, interpersonal, organizational, and leadership skills
• Experience with OWASP Top 10, CVEs, insecure cloud configurations, container risks, and supply chain vulnerabilities
• Experience with security threat modeling, penetration testing, and security reviews
• Detail-oriented, organized, and methodical, with strong follow-up and analytical skills
• Familiarity with secure coding techniques and best practices
• Ability to quickly learn and adapt to new technologies

• Knowledge of current cyber security trends, as well as the ongoing research of emerging threats and hacking techniques

• A bachelor's degree and 6 years of professional work experience (or a master's degree and 3 years of professional work experience, or a PhD degree, or equivalent experience) is required.