About This RoleHalodoc is seeking an experienced Engineering Manager, Security to lead our efforts across Application Security, Cloud Security, and Security Operations. This role requires a strategic thinker with deep technical expertise and strong leadership capabilities to build and manage a high-performing security team.
As Engineering Manager, you will define and drive Halodoc's security strategy across products and infrastructure, ensuring security is embedded throughout the software development lifecycle. You will collaborate closely with engineering, product, and business teams to identify risks, design secure solutions, and respond proactively to threats.
The ideal candidate will have a deep understanding of application security, cloud security architectures, and security operations, along with the ability to lead cross-functional initiatives. You must also possess strong communication skills to articulate complex security concepts to both technical and non-technical stakeholders. We value individuals who are passionate about staying ahead in security, leveraging emerging technologies like AI/ML, LLMs, and adopting innovative methodologies to enhance our security posture.
Responsibilities
- Lead and mentor a team of Security Engineers across Application Security, Cloud Security, and Infrastructure Security.
- Define and drive the security roadmap, aligning with Halodoc's business objectives, compliance requirements, and healthcare regulations.
- Collaborate with SRE and Product teams to embed security into the software development lifecycle (shift-left approach).
Promote secure development practices across engineering teams by:
Establishing and enforcing secure coding guidelines and code review standards.
- Integrating security checks into CI/CD workflows (SAST, DAST, SCA, IaC scanning).
- Running structured developer security training, awareness sessions, and secure coding workshops.
- Enabling engineers with self-service security tooling (pre-commit hooks, dependency scanners, IaC validators, container security checks).
- Oversee cloud security architecture in AWS, including IAM, KMS, Security Hub, GuardDuty, WAF, and Shield.
- Manage application security programs, including secure design reviews, threat modeling, and code scanning.
- Drive incident detection and response, conduct chaos security drills, and oversee post-mortem reviews.
- Ensure compliance with regulatory requirements, including data protection and healthcare regulations.
- Report on security KPIs, risks, and incidents to engineering and executive leadership.
- Explore AI/ML-driven security automation to improve detection, prevention, and remediation.
Qualifications
- 8–15 years of experience in cybersecurity, with 3–5 years in a leadership or managerial role.
- In-depth knowledge of application security principles, secure coding practices, vulnerability management, and penetration testing.
- Deep experience with security on one, or more of, AWS, Azure, or GCP.
- Hands-on experience designing and managing security operations processes (e.g., incident response, SIEM, threat hunting, log analysis).
- Excellent verbal and written communication skills, with the ability to convey complex topics to diverse audiences.
- Demonstrated ability to lead and scale high-performing teams while driving measurable security improvements.
Preferred Qualifications
- Public contributions to the security community (e.g., blog posts, conference presentations, open-source tools or research).
- Familiarity with AI/ML-specific security challenges (e.g., prompt injection, model poisoning, privacy leakage).
- Relevant certifications such as CISSP, CISM, OSCP, or AWS Certified Security – Specialty.
Why Join Halodoc?
At Halodoc, we're on a mission to transform healthcare through innovative technology. As the Engineering Manager, Security , you'll play a key role in protecting our platform and ensuring the trust of millions of users who rely on us every day.
We pride ourselves on fostering a dynamic, mission-driven environment where you'll have the opportunity to grow, lead high-impact teams, and make a real difference in people's lives. If you're passionate about security, thrive in fast-paced settings, and enjoy tackling complex challenges while leading with purpose—we'd love to hear from you