Corporate Security Engineering Manager: Secure the Future with Onebrief
Are you a visionary security engineering leader passionate about building robust, automated defenses and shaping the security posture of a rapidly scaling, high-impact organization? At Onebrief, we're not just building software; we're transforming military operations, empowering staffs to achieve the 'superhuman' — faster, smarter, and more efficient. With over $320M in funding and a $2.15B valuation, we're making an impact where it matters most, and we need your expertise to secure our mission-critical enterprise.
About Onebrief: Powering the Future of Military Staffs
Onebrief is at the forefront of defense technology, developing collaboration and AI-powered workflow software designed specifically for military staffs. Our innovative solutions empower teams to operate with unparalleled speed, intelligence, and efficiency. Founded in 2019 by experienced planners, our all-remote team comprises veterans from diverse forces and global organizations, alongside technologists from leading software companies. We embody an Olympic team's dedication – taking ownership, seeking excellence, and playing to win with seriousness and camaraderie. Join a company that values impact, innovation, and a culture of continuous improvement.
The Opportunity: Lead Corporate Security Engineering
We are seeking an experienced and strategic Corporate Security Engineering Manager to spearhead the security posture of our entire Corporate IT environment. Reporting to our Director of Corporate IT & Security, you will be instrumental in ensuring the secure deployment and continuous hardening of our corporate SaaS and installed applications.
This is a pivotal role that masterfully blends hands-on security engineering leadership with critical program ownership. You'll drive configuration standards, oversee vulnerability management, govern SaaS security, and champion control automation. You'll balance day-to-day team leadership with the development of long-term architectural improvements that not only strengthen our compliance posture but also significantly reduce operational friction. Your mission: to ensure our corporate environment is inherently secure by default, continuously monitored for drift, and fully aligned with CMMC 2.0 and NIST 800-53 requirements, all while driving measurable improvements in tooling coverage, enforcement consistency, and audit defensibility.
We're looking for a steady, experienced leader who can build and run a high-performing continuous monitoring and configuration enforcement function. Someone who brings structure to baseline management, leverages automation to prevent drift, and ensures our corporate systems and commercial infrastructure remain securely configured and audit-ready at all times.
Who You Are: A Visionary Security Leader
You are an experienced security engineering leader who understands that durable security is built on enforceable baselines and thoughtful automation, not reactive fixes. You have a proven track record of leading systems engineers, creating clarity around ownership, defining robust configuration standards, and driving measurable security outcomes.
You're comfortable reviewing complex architectures, approving secure deployment patterns, and making astute, risk-based decisions about technical controls. You think in interconnected systems, viewing endpoint security, SaaS configuration management, identity hardening, Zero-Trust infrastructure, GRC, and vulnerability scanning as integral components of a cohesive enterprise security program.
You possess a deep understanding of how to align technical control implementations with critical frameworks like CMMC 2.0 and NIST 800-53, ensuring all documentation and evidence are pristine, defensible, and audit-ready. Structured, accountable, and automation-minded, you consistently push for drift detection, configuration enforcement, and scalable solutions that reduce manual effort while dramatically improving coverage and reliability.
What You'll Do: Drive Impact and Innovation
Architect & Strategize
Own the comprehensive strategy and maturity roadmap for corporate security engineering, encompassing baseline configuration standards, vulnerability management oversight, SaaS security governance, and automation priorities.
Define and embed what "secure by default" means across all corporate systems and commercial infrastructure.
Lead & Empower Your Team
Lead, mentor, and develop our Vulnerability Management Specialist and System Security Engineers through coaching, structured feedback, and clear technical ownership boundaries.
Proactively remove blockers, clarify priorities, and ensure your team consistently focuses on high-impact risk reduction work.
Innovate & Harden Defenses
Significantly strengthen configuration enforcement, reduce security drift, and elevate automation across endpoints, SaaS platforms, browsers, identity systems, and enterprise tooling.
Ensure vulnerability management processes are consistent, measurable, and rigorously aligned to defined SLAs.
Collaborate & Integrate
Forge strong partnerships with Security Operations, IT, Engineering, and Compliance teams to ensure corporate systems and commercial infrastructure are deployed securely and remain compliant with all regulatory requirements.
Provide critical technical control guidance during system rollouts and high-stakes risk discussions.
Standardize & Optimize Workflows
Establish structured, efficient workflows for baseline reviews, configuration drift monitoring, vulnerability remediation oversight, and Plan of Action & Milestones (POA&M) tracking.
Maintain immaculate documentation, control mappings, and evidence collection processes that significantly enhance audit readiness and operational clarity.
What We Look For: Your Core Qualifications
6–10+ years of progressive experience in security engineering, systems security, or enterprise security architecture.
2+ years of proven experience leading engineers or technical security teams.
Hands-on expertise with endpoint security tooling (e.g., MDM platforms, browser enterprise management, secure web gateways such as Zscaler).
Strong experience implementing and enforcing configuration baselines aligned to NIST 800-53, CMMC 2.0, DISA STIGs, or similar rigorous frameworks.
Demonstrated experience overseeing or operating vulnerability management programs and defining precise remediation SLAs.
Proven ability to drive automation initiatives to prevent configuration drift and enhance control coverage.
Strong understanding of SaaS security configuration, identity hardening, and enterprise access controls.
Experience partnering effectively with Compliance teams to provide robust audit evidence and defensible documentation.
Proven ability to translate complex regulatory requirements into enforceable, practical technical controls.
Sound judgment, strong technical credibility, and the ability to skillfully balance enforcement with enablement.
Core Security & Privacy Accountabilities
Act as the technical control owner for all corporate security engineering functions.
Ensure the robust protection of the confidentiality, integrity, and availability of corporate systems and infrastructure through enforced configuration standards and control automation.
Ensure security configurations and vulnerability remediation activities rigorously support regulatory and privacy commitments, including CMMC 2.0 and NIST 800-53.
Ensure configuration data, vulnerability data, and remediation evidence are accurate, access-controlled, and retained in strict accordance with policy.
Enforce secure-by-default deployment patterns and proactively monitor for configuration drift across all enterprise systems.
Actively participate in risk evaluation and risk acceptance discussions, promptly escalating unresolved technical risks to the Director of Corporate Security & IT.
Ensure engineering staff consistently follow established change management, documentation, and evidence preservation standards.
Notice to Third Party Recruitment Agencies
Please note that Onebrief does not accept unsolicited resumes from recruiters or employment agencies. In the absence of an executed Recruitment Services Agreement, there will be no obligation to any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without an agreement, Onebrief explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, shall be deemed the property of Onebrief.