Staff Manager, Security Engineering

Collectors is the leading creator of innovative technology that provides value-added services for collectors worldwide. We grade, authenticate, vault and sell millions of record-setting collectibles, all while modernizing and digitalizing the process to further our mission of helping collectors pursue their passions. We’re always on the lookout for talented people to join our growing team. Our services span collectible coins, trading cards, Funko Pops!, video games, event tickets, autographs, and memorabilia. Our subsidiaries include PSA, PCGS, WATA, Card Ladder, Goldin, and the Long Beach Expo collectibles trade show.Since our founding in 1986, we have graded and authenticated millions of items. We employ more than 1,700 people across our headquarters in Santa Ana and offices in Jersey City, Seattle, Hong Kong, Paris, Shanghai, and Tokyo. 

We’re transforming the collecting experience with technology that brings authentication, grading, and trading into the modern era. Our products are equalizing the playing field by providing tools that make complex research analytics — including pricing, scarcity reports, and historic sales data — accessible to every collector, old or new. Our engineering mission is to democratize technology while promoting innovation, collaboration, and continuous learning throughout the organization. We're seeking engineers to utilize advanced technology in agile settings, with a focus on improving the customer experience for every collector. Collectors Cybersecurity team is committed to utilize cybersecurity, risk and privacy best practices on our platforms, leveraging signal intelligence and observability at scale to protect our customers, employees and our brand.

As a “hands-on” Security Manager, you will be managing a team of security professionals as well as develop and deliver operational security solutions, automations, and services to keep Collector’s platforms and services secure. You will work with teams across Collectors to understand the technology team’s security and compliance needs, select and build tools, create processes and train colleagues to deliver a broad portfolio of projects and services. You’ll leverage practical DevOps experience to deploy and maintain security tooling (both open source and commercial) to improve our security posture. You’ll focus on wide-ranging, cross-functional security infrastructure projects that improve our overall security capability and reduce security friction across the organization. You will be a go-to resource for architectural consultation and will provide guidance for both internal and external teams in secure infrastructure deployment and fortification practices. Understanding the methods and techniques of the organization’s security adversaries, you will find and foresee critical vulnerabilities in the operational environment and work to mitigate or eliminate them entirely.

You’ll report to the VP of Cybersecurity and work from our Santa Ana, CA office. Remote or hybrid candidates will also be considered. We believe that there is significant value in in-person collaboration. If you live within a 1 hour commuting distance to one of our offices, you will be required to be onsite most of the time. This will be discussed further as part of the recruiting process.

What You’ll Do:

• As a cyber security manager, you will be responsible for leading a team of information security professionals.
• Design, develop, deploy, maintain, and support cybersecurity frameworks, automations, and solutions using various commercial, open source, and internally developed tools using one or more languages or environments such as Bash, Go, Python, Jupyter Labs, Rust, Java, VRL, etc.
• Design, develop, deploy, maintain, and support data repository and analytics solutions using Vector, SQL relational databases, AWS/cloud solutions.
• Provide technical guidance  for automated, effective, and efficient security operational environments (networks, systems, processes, cloud) with sound security architecture practices and novel mitigation strategies.
• Evolve Collector’s Universe security benchmarks, standards, and response method.
• Develop a framework for analysts and operation engineers to proactively communicate security best practices, covering detection, response, and resolution.
• Provide technical expertise defining threat hunting use cases,  process definition, and automation. 
• Lead cross collaboration with teams across IT, Cloud, DevOps, Product to effectively and efficiently manage security monitoring, tuning, detections, hunting, and incident response.
• Partner with the other engineering teams to deliver seamless security operations and engineering services to critical Collectors’ business lines.
• Utilize DevOps skillet (Ansible, Terraform, Docker, Kubernetes, GitHub, CI/CD tooling) to deploy and maintain core security tooling (open source and commercial).
• Produce, compile and maintain  technical documentation of security services for internal teams.
• Improve current security capabilities and anticipate future security threats and trends leveraging cyber threat intelligence.
• Establish credibility throughout the organization by earning the reputation for being a proactive leader and change agent.
• Consult with our security compliance team during security audits in order to demonstrate architectural security capabilities.
• Be a  subject matter expert in the organization’s infrastructure and architecture.

Who You Are:

• 10+ years in a security-related field, providing a blend of architectural leadership and hands-on expertise
• 5+ years of experience as a hands-on Information Security Lead.
• 5+ years of experience working with AWS cloud compute environments, security engineering, security operations, DevSecOps
• Ability to lead a team with excellent planning and organizational skills, and excellent written and oral communication. Adept at building internal and external relationships with a focus on customer service
• Extensive knowledge of Information Technology particularly those areas related to Information Security, engineering, architecture, monitoring, threat detection, vulnerability management, EDR, DLP, cyber threat intelligence, and configuration & tuning.
• Be passionate in the pursuit of securing Collectors’ data and critical assets, staying well-informed on adversary behavior. 
• Able to work in a remote team and be proactive rather than reactive.
• Demonstrated expertise and experience with advanced and 0-day threats, intrusions, malware infection, packet analysis, and associated Tactics, Techniques and Procedures (TTP)
• Extensive IaaS experience (AWS-preferred, Azure, GCP), protocols, tools, and technologies. 
• Deep understanding of current industry infrastructure standards and practices, along with a process oriented background.
• Capable of leveraging devops approach to solve practical day-to-day security automation challenges using languages such as Python, Bash, Go, GitHub, etc.
• Thorough understanding of networking and system administration.
• Familiarity with major compliance frameworks including PCI, NIST, ISO, SOX, with experience performing or assisting in audits.
• Bachelors in CS, Cybersecurity or related fields and certifications such as GCIH, CISSP, or any other professional or Specialty AWS certification (e.g., AWS Solutions Architect Professional, DevOps Engineer Professional, or Security Specialty) is good to have

The salary range for this position is $175,000-$275,000. Actual compensation on this range varies based on a variety of non-discriminatory factors, including location, job level, experience, and skill set.

Reasons To Join Us: 

• Health Insurance: All full-time employees are eligible to enroll in Medical, Dental, and Vision 
• 401(K) Matching Plan: We are proud to offer a competitive 401k matching plan to our employees to support their future financial goals 
• Vacation: All full-time employees are eligible for a flexible paid vacation 
• Holiday Pay: All regular, full-time employees are eligible for nine company paid holidays 
• Employee Discounts: Employees receive discounts on select grading services for approved submissions 
• Flexible Hours: Many of our teams offer flexible schedules with varying shifts and will work with you to accommodate your needs 
• Fun Working Environment: Our team members are invited to participate in celebrations, holiday events, and team building activities
• Additional Benefits: Full-time employees are eligible for fertility, commuter, and educational assistance benefits

Candidates must be authorized to work in the United States.