Senior Software Engineering Manager, Security Applications & Tools

Team Overview

The Security Applications & Tools (SAT) team within Lattice Platform Security team builds the software systems that detect manage and remediate vulnerabilities across Andurils entire product ecosystem at scale. The team owns a vertically integrated scanning platform policy-as-code enforcement engines and vulnerability management infrastructure all custom-built to meet the unique demands of defense-grade software. This is a software engineering team that happens to work in the security domain not a team that configures off-the-shelf security products.

Job Description

Were looking for a Senior Engineering Manager who can lead the SAT team while remaining deeply technical and hands-on. This is a cross-functional role: youll work directly with business lines across Anduril to understand their security challenges translate those into engineering requirements design solutions and actively contribute to implementation. Youll own the teams roadmap for application security vulnerability management and cyber accreditation tooling and youll build alongside the engineers you lead.

Key Responsibilities

• Lead and grow a team of software engineers building security automation and vulnerability management systems
• Set technical direction for the teams scanning infrastructure policy engines and vulnerability management platform
• Work directly with business lines to understand security use cases concerns and compliance requirements translating them into actionable engineering plans
• Design and architect distributed systems for scalable vulnerability detection policy enforcement and remediation workflows
• Contribute hands-on to implementation in Go Python and infrastructure-as-code
• Own the teams roadmap for application security tooling balancing business line needs with platform-wide improvements
• Drive technical decisions around build-vs-buy ensuring the team builds custom solutions where off-the-shelf tools fall short
• Collaborate with Platform Security Engineering on shared infrastructure and cross-cutting security concerns
• Establish engineering standards for code quality testing and operational excellence within the team
• Manage career development hiring and performance for team members

Required Qualifications

• 8 years of software engineering experience with at least 3 years in an engineering management role
• Strong hands-on software development skills in Go or Python you still write and review code regularly
• Experience building and operating distributed systems or data pipelines (event-driven architectures message queues serverless)
• Demonstrated ability to work cross-functionally: gathering requirements from non-engineering stakeholders translating business needs into technical plans and driving execution
• Experience with at least one of: application security tooling vulnerability management systems or CI/CD security integration
• Track record of building and retaining high-performing engineering teams
• Strong communication skills with proven ability to influence technical decisions across organizational boundaries
• Eligible to obtain and maintain active U.S. Secret security clearance

Preferred Qualifications

• Experience with AWS services (SQS Lambda S3 ECR) in production environments
• Familiarity with vulnerability scanning tools (Trivy Grype Semgrep Syft) and how to integrate or extend them programmatically
• Experience with Terraform and infrastructure-as-code practices
• Background in defense aerospace or other regulated industries with compliance requirements (STIGs NIST cyber accreditation)
• Experience with policy-as-code frameworks (OPA/Rego Conftest)
• Familiarity with container security SBOM generation and software supply chain security

The salary range for this role is an estimate based on a wide range of compensation factors inclusive of base salary only. Actual salary offer may vary based on (but not limited to) work experience education and/or training critical skills and/or business considerations. Highly competitive equity grants are included in the majority of full time offers; and are considered part of Andurils total compensation package. Additionally Anduril offers top-tier benefits for full-time employees including:

Healthcare Benefits

• US Roles:Comprehensive medical dental and vision plans at little to no cost to you.
• UK & AUS Roles:We cover full cost of medical insurance premiums for you and your dependents.
• IE Roles: We offer an annual contribution toward your private health insurance for you and your dependents.

Additional Benefits

• Income Protection: Anduril covers life and disability insurance for all employees.
• Generous time off: Highly competitive PTO plans with a holiday hiatus in December. Caregiver & Wellness Leave is available to care for family members bond with a new baby or address your own medical needs.
• Family Planning & Parenting Support: Coverage for fertility treatments (e.g. IVF preservation) adoption and gestational carriers along with resources to support you and your partner from planning to parenting.
• Mental Health Resources:Access free mental health resources 24/7 including therapy and life coaching. Additional work-life services such as legal and financial support are also available.
• Professional Development:Annual reimbursement for professional development
• Commuter Benefits:Company-funded commuter benefits based on your region.
• Relocation Assistance:Available depending on role eligibility.

Retirement Savings Plan

• US Roles:Traditional 401(k) Roth and after-tax (mega backdoor Roth) options.
• UK & IE Roles:Pension plan with employer match.
• AUS Roles:Superannuation plan.

The recruiter assigned to this role can share more information about the specific compensation and benefit details associated with this role during the hiring process.

Data Privacy

To view Andurils candidate data privacy policy please visit submitting your application you consent to Anduril Industries using a third-party service provider to conduct pre-employment risk integrity and due diligence screening and assessing potential risks as part of your application process. This third-party service provider provides risk-intelligence services that may include analysis of sanctions and watchlists adverse media public-record information and other lawful open-source or commercial data sources. This third-party service provider does not act as a consumer reporting agency. Use of this provider helps to ensure compliance with applicable laws and protect technology intellectual property and organizational security.