
Enterprise Security Manager at Accretive Technology Group. Location Information: United States - Remote. . Accretive Technology Group — Enterprise Security Manager. Work Remotely From: . Arizona, California, Colorado, Florida, Michigan, Missouri, Nevada, South Carolina, Texas, or Washington.. Onsite/Hybrid Option:. Seattle, WA. About Accretive Technology Group: . We are a Seattle-based tech company with more than 25 years of proven success. Privately owned, stable, and profitable, we’ve built our reputation on open-source values, a strong DIY spirit, and a deep respect for craftsmanship. Our teams are customer-obsessed and built around empowered engineers who love what they do.. Role Overview: . Our engineering team is FOSS-first, deeply collaborative, and committed to building secure, scalable systems that serve a wide range of customers and partners worldwide.. We’re looking for a seasoned and hands-on Enterprise Security Manager to lead the development and execution of our security initiatives across enterprise, development, and production environments. This is a unique opportunity to take ownership of a growing practice and build a high-impact security team from the ground up.. As our Enterprise Security Manager, you’ll be responsible for establishing and maturing a comprehensive security strategy that spans multiple environments and aligns with compliance standards such as PCI-DSS.. You'll partner closely with leadership and stakeholders across the business to design a long-term roadmap, shape internal security culture, and ultimately protect the integrity of our systems and services.. This role is a hybrid of strategic planning and technical execution — ideal for someone who has a broad understanding of modern security challenges and thrives in a fast-moving, distributed environment.. Key Responsibilities:. Build and lead a small, high-performing security team — hiring, mentoring, and developing engineers and analysts.. Define and drive the vision, roadmap, and execution of our security program across enterprise, development, and production environments.. Lead vulnerability management efforts, including internal/external scans, real-time monitoring, bug bounty programs, and vulnerability disclosure (VDP).. Design and implement tooling — including . SIEM. , SOAR, EDR, IDS, and logging platforms — to ensure visibility, threat detection, and automated response.. Monitor evolving threat landscapes, lead . incident response. protocols, and develop systems for proactive risk management.. Guide secure development efforts and partner with engineering teams on remediation strategies.. Serve as the primary point of contact for PCI-DSS compliance, including oversight of scanning, remediation, and certification. Ensure the team maintains active PCI-ISA credentials.. Lead audit readiness and evidence preparation for SOC 2, GAAP, and other regulatory IT audits, including control design and remediation efforts.. Partner cross-functionally with infrastructure, development, IT, and compliance to embed security throughout the organization.. Represent the company in the broader security community — contributing to research, attending or speaking at conferences, and helping elevate the team’s visibility.. Foster continuous learning by supporting training, certifications, and conference attendance for security team members.. Develop and communicate clear risk metrics, KPIs, and reports to leadership and stakeholders.. Qualifications:. Proven experience in information security, including leadership or management of technical teams.. Proven success building or scaling security programs in distributed, high-growth environments.. Deep understanding of secure systems and network architecture in production and enterprise environments.. Experience with both cloud and on-prem infrastructure security, endpoint protection, and secure SDLC.. Proficiency with scripting or development languages (Python, Go, . Bash. , etc.) and a strong belief in automation wherever possible.. Familiarity with compliance frameworks like PCI-DSS, SOC 2, and GAAP-aligned IT controls.. Strong communicator — clear, confident, and effective across technical and non-technical audiences.. Hands-on familiarity with security tools such as CrowdStrike, Wiz, ELK, Wazuh, Falco, Prometheus, Grafana, or similar platforms.. Who You Are:. Humble and collaborative — you work well across teams and mentor with patience and clarity.. Driven by craftsmanship — always looking to improve, automate, and harden systems.. Comfortable with complexity — you thrive in environments with nuance, ambiguity, and scale.. Security-minded but pragmatic — you understand that security needs to enable velocity, not block it.. Curious and engaged — you stay active in the security community, whether through talks, tools, or research.. Bonus Points If You.... Have given talks or published research at security conferences like DEFCON, Black Hat, ToorCon, etc.. Have experience with large-scale networking (BGP), DDoS mitigation, and globally distributed systems.. Enjoy analyzing high-volume log data and surfacing actionable insights.. Have participated in CTFs, red team exercises, or collegiate cyber competitions.. Are active in bug bounty programs — send us your profile!. Have deep knowledge of Linux internals, eBPF, WAF evasion, packet analysis, and related domains.. Have familiarity with Microsoft enterprise environments (Windows, Azure, and compliance considerations).. Hold certifications such as OSCP, OSCE, or similar (a plus, not required).. Earned a degree in a STEM or engineering discipline (also not required — skill matters most).. Perks & Benefits:. Employer-paid Medical, Dental, and Vision benefits. Life & Disability Insurance Coverage. Health Care FSA. Daycare FSA. 401(k) with a 50% contribution match (no limit). Generous Vacation and PTO plan. Paid Holidays. Semi-Annual Profit Sharing. Gym/Equivalent Exercise Program Reimbursement. $175 transportation Reimbursement ($100 of this may be used for home internet for remote and hybrid employees). Dedicated annual budget for training, certifications, and conference attendance. Flexible remote work (with the option to work from our Seattle HQ). High ownership and impact — help build a world-class security program from the ground up. A reasonable, good-faith estimate of the minimum and maximum base . salary. for this position is. $150K - $250K. . This position will also include a profit sharing that is dependent on a variety of factors.. Accretive Technology Group is an Equal Employment Opportunity employer. All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, or national origin.. Unfortunately, we do not provide visa sponsorship, visa transfer, or corp-corp arrangements.. Agencies - NO unsolicited submissions will be accepted and if any Agency does submit an unsolicited candidate that Agency shall have no recourse from Accretive Technology Group.. .