Engineering Manager

Impact

As an Engineering Manager on our Application Security team, you’ll lead the charge in embedding secure practices across Shipt. You’ll manage a high-performing team of engineers focused on scaling security controls that protect our users, empower developers, and safeguard our applications. You’ll cultivate a culture of growth, accountability, and innovation by mentoring your team, driving strategic initiatives, and shaping security practices across the organization.

If you are enthusiastic about cybersecurity, enjoy sharing your knowledge, and thrive on personal and professional growth, you're exactly the kind of manager we're looking for. Our Cybersecurity team is growing, and we're looking for a self-directing manager who can work both independently and collaboratively, with a passion for leading teams and achieving goals. You will gain valuable experience collaborating with cross-disciplinary teams, contributing to the protection of customers and shoppers nationwide.

What You’ll Need to Be Successful

• You have successfully managed and prioritized the workload of engineering teams, ensuring alignment with company goals and security objectives.
• You are experienced in conducting regular 1:1s, performance reviews, and career development conversations while fostering a culture of growth, feedback, and accountability.
• You have managed end-to-end vendor relationships, including execution of annual agreements, seamless onboarding processes, and consistent touchbases to ensure alignment, performance tracking, and issue resolution.
• You have led the planning, execution, and continuous improvement of PCI DSS and SOC 2 compliance programs, collaborating cross-functionally to ensure audit readiness, policy alignment, and secure operational practices
• You have experience planning and coordinating with multiple external vendors to scope, schedule, and execute penetration testing initiatives, ensuring timely remediation and audit readiness across systems and infrastructure.
• You have experience in managing a comprehensive vulnerability management program leveraging tools such as Qualys, driving risk-based prioritization, remediation workflows, and executive-level reporting.
• You have managed vulnerability triage, remediation strategies, and continuous process improvement to elevate program maturity and resilience.
• You have created and tracked key performance indicators (KPIs) for application security, driving measurable improvements in detection, prevention, and response.
• You have led post-incident reviews, ensuring root cause analysis and remediation actions are completed, and drive continuous improvement in incident response.
• You have experience with planning, researching and developing proactive incident response plans, resolving system vulnerabilities, and strengthening incident response including preventive measures
• You have collaborated on remediation plans for discovered security vulnerabilities, collaborating with engineering leads and product teams.
• You have owned the recruitment, onboarding, and retention efforts for the AppSec team, ensuring hiring of top talent and building a diverse, inclusive team.
• You have managed the team’s resource allocation, partnering with senior leaders to ensure adequate support for key initiatives.
• You have experience representing a team in cross-functional meetings, summarizing risks, achievements, and strategic priorities for stakeholders.
• You have excellent timely communication and escalation of critical security issues to executive leadership, providing clear context and recommended actions.

• You have a proven track record of delivery in cybersecurity, network security, infrastructure, application, or a security focused leadership role
• You have an understanding of least privilege and/or role-based access control principles; and the ability to analyze and make prudent decisions around access requests.
• You have experience in technical project management and application delivery
• You have excellent verbal and written communicator with the ability to speak to all levels within the organization

Nice to Haves:

• You have a CISSP, OSWE, CSSLP, GWAPT, GWEB, OSCP, CompTIA Security+ certification
• You have experience building with CI/CD systems as part of the software development lifecycle
• You have familiarity with containerization concepts and tools
• You have experience working and deploying with cloud platforms, especially Kubernetes
• You have experience building APIs, automation tools, and developer-facing services
• You have working knowledge of relational databases, web applications and services.
• You have working experience with source code version control (Git/GitHub)

Work Arrangement

Shipt considers candidates located near a Shipt office or workspace in Birmingham, San Francisco, or Minneapolis to be hybrid, which means that they have the flexibility to work from home (with leader approval) or at a Shipt office in order to facilitate the ability to innovate, collaborate, and spark team connections. In-office expectations will vary by role and leader. Certain roles may require in-office presence on a full-time basis. Please work with your recruiter to learn more about the classification of this role.

About Shipt

Shipt is a retail tech company that connects people to reliable, high-quality delivery with a personal touch. Shipt connects customers to the things they want from the stores they love, retail businesses to more satisfied customers, and workers to new earning opportunities.

At Shipt, we aim to put our team first to boost a sense of belonging, spark opportunities for growth, provide unique benefits and commit to giving back to our communities in ways that make life better, both personally and professionally. We understand that our service, our culture, and our connection to our communities are only made better by every single person who shows up to work here every day. Learn More.

Shipt is an independently operated, wholly owned subsidiary of Target Corporation and available in more than 5,000 U.S. cities. Shipt was founded and is headquartered in Birmingham, Alabama. For more information, please visit Shipt’s company site at Shipt.com.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, color, national origin, ethnicity, religion or religious belief, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, military or veteran status, disability, or any other characteristic protected by law.

Please inform your recruiting contact upon initial connection if you need a reasonable accommodation. If you need assistance filling out a job application, please complete this form.

For technical interviews, Shipt uses an online coding platform. In the event you may need a reasonable accommodation to use the online coding platform, please connect with your recruiter.

Employees (and eligible family members) are covered by medical, dental, vision and more. Employees may enroll in our company’s 401k plan. Employees will also be eligible to receive discretionary vacation for exempt team members, paid holidays throughout the calendar year and paid sick leave. Other compensation includes eligibility for an annual bonus and the potential for restricted stock units based on role.

Pay Range:

Metro Areas of Boston, District of Columbia, Los Angeles, San Francisco, Seattle and New York City:

$123,000-$247,000

All other locations:

$109,000-$219,000

Please note that the salary range above is a guideline, and individual total compensation will vary based on factors such as qualifications, skill level, competencies, and work location.