About the Opportunity

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Senior Security Analyst with experience performing analysis and incident management of information security events, as well as experience contributing directly to the growth of and design of a security program. As a Senior Security Analyst, you will have daily alert investigation and incident response responsibilities, but you will be empowered to proactively drive change to shape and support the growth of our Security program.

Candidates should have experience triaging new and unfamiliar alerts, leading technical workstreams in incidents, or leading all aspects of medium scale incidents. They should have experience creating and maintaining high quality threat detection and demonstrate knowledge and understanding of common Information Security principles and frameworks, coupled with excellent communications skills and a continuous desire to learn and grow.

You will be expected to work independently, work as a part of a global dispersed team, and partner with stakeholders throughout the organization to ensure comprehensive risk mitigation while reducing impact to end users throughout the organization.

What to expect? 

• Perform daily alert investigation and response in a hybrid environment.
• Conduct detail-oriented analysis across challenging and complex ecosystems.
• Communicate investigation and threat updates to technical and non technical senior leaders.
• Work collaboratively across internal functions to identify, respond, and remediate security issues.
• Investigate and lead incidents of medium size and complexity.
• Investigate vulnerability exploitation and support remediation inline with vulnerability programs.
• Collaborate with the team and actively assist in major response exercises.
• Drive continuous improvement across all aspects of threat detection and response.
• Create processes, documentation, and runbooks to support a rapidly growing team.
• Identify systemic issues and collaborate on approaches to address root causes.
• Collaborate on threat models by incorporating detection use cases into designs.
• Identify and lead efforts to improve efficiency, response, detection, and preventative measures.
• Design and build detection logic across multiple platforms (e.g., SIEM, EDR, etc.)
• Play an active role in scaling Operation practices by contributing to team roadmaps.
• Provide delightful and informative interactions with all end users.
• Proactively identify opportunities for user training and awareness programs.
• Provide insights and input on tool selection to help grow our cybersecurity portfolio.

What you need to be successful

• 5+ years of Security Operations experience, including alert triage and investigation
• 2+ detection and tuning experience, inclusive of Security Operations experience
• 2+ years of Security Incident Response experience
• Ability to support on call and occasional off-hours incident response efforts
• Proficiency in analysis fundamentals (e.g., log analysis, live response, forensics, etc.)
• Mastery of investigation methods and adept at handling new and unfamiliar cases.
• Firm understanding of attacker Tactics, Techniques, and Procedures
• Proficiency in attacker techniques in cloud-native and traditional environments.
• Strong technology fundamentals (e.g., OSI Model, TCP/IP, Layer 7 protocols , etc.)
• Ability to perform detailed host analysis on Mac, Windows, & Linux systems.
• Hands-on experience using security technologies (e.g., SIEM, EDR, AntiVirus, etc.)
• Hands-on experience with malware analysis using dynamic and static analysis tools.
• Expertise in AWS audit and security services to investigate cloud centric threats
• Proficiency investigating incidents across SaaS platforms and identity systems
• Experience performing investigations in cloud service providers (e.g., AWS, GCP, Azure, etc.)
• Practical experience with cross-platform and hybrid environment investigations
• Ability to interpret designs and enumerate actionable detection use cases
• Familiarity with modern engineering and detection engineering practices
• Practical mindset to balance business needs with security requirements.
• A drive for change through continuous improvement
• Capable of working independently but possesses a collaborative mindset
• Comfortable working with a geographically dispersed team.
• Experience working independently and as part of a team
• Ability to work in a fast-paced environment, often juggling multiple tasks, alerts, and incidents
• Passion for solving complex security problems in innovative and scalable ways

What’s in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days,  education days, compassion days for loss, and volunteer days
• Time off to care for and focus on your growing family 
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication phone/internet stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

About the Opportunity

Candidates must be located in the eastern time zone.

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Security Engineer with experience working in cloud-native product infrastructure and corporate environments. In this role, you will manage daily alerts and operations while leading broader collaborative initiatives, such as architecture design, threat modeling, and vulnerability identification, to drive meaningful security improvements. Candidates should be skilled in cloud-native technologies, with demonstrable proficiency in infrastructure-as-code and application development.

This hands-on role offers an opportunity to grow your expertise in cloud technologies and security tooling while making a meaningful impact by embedding security practices and supporting secure third-party integrations in a fast-paced software-as-a-service environment.

What to Expect

• Lead initiatives and partner with teams to embed practical security safeguards and champion a security-first mindset across the business.
• Lead security assessments and remediation for cloud-native applications, infrastructure, and vendor integrations to proactively identify and address risk.
• Support vulnerability management by identifying, tracking, and partnering with teams to drive remediation of security issues across product and corporate environments.
• Develop and maintain security solutions through custom development and effective tool management to enhance efficiency and operational effectiveness.
• Leverage industry standards to develop hardening requirements and monitoring mechanisms that enforce and strengthen the security of systems and environments.
• Advance the development, customization, and maintenance of hardening standards and monitoring mechanisms for systems and environments.
• Drive security and monitoring enhancements to containerized workloads and orchestration platforms.
• Participate actively in incident investigations through independent analysis, contributing to findings, root cause analysis, and remediation efforts.
• Collaborate in defining and monitoring evolving security compliance and regulatory requirements.
• Research and evaluate emerging threats, vulnerabilities, and security technologies to keep defenses up to date.

What You Need to Be Successful

• 4+ years of security engineering, DevSecOps, or equivalent experience.
• Hands-on expertise with AWS architecture, services, and security features.
• Proficiency in Python to build and maintain security tools.
• Familiarity with Kubernetes and container security, including configuration and runtime protection.
• Exposure to JavaScript and Go with the ability to perform security code reviews.
• Experience using Terraform to build, deploy, and maintain infrastructure as code.
• Strong foundational networking knowledge covering cloud networking concepts, the OSI model, TCP/IP, and routing fundamentals.
• Demonstrable ability to embed security considerations throughout the software development lifecycle.
• Hands-on involvement supporting vulnerability management and incident response functions.
• Familiarity with authentication and authorization protocols and mechanisms (OAuth, SAML, JWT, IAM)
• Experience identifying and mitigating OWASP Top 10 vulnerabilities in web applications and APIs.
• Clear and effective communication skills.
• Ability to articulate security risks and tradeoffs to both technical and semi-technical audiences.
• A proactive, growth-oriented mindset focused on continuous learning, innovation, and raising security standards.
• Passionate about designing and performing hands-on implementation work.
• Ability to work in a fast-paced environment, often juggling multiple projects.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

New York Salary Statement: The salary range displayed is specifically for potential hires who will work or reside in New York if selected for the role. Any offered salary is determined based on internal equity, internal salary ranges, market data/ranges, the applicant's skills and prior relevant experience, and certain degrees and certifications (e.g., JD/technology).

New York Salary Range:  $153,000 - $207,000

[This position is eligible for equity awards in accordance with the terms of Contentful’s equity plans.]

Candidates must be located in the eastern time zone.

About the Opportunity

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports organization-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven manager who is passionate about solving complex security problems in innovative and scalable ways, with deep experience leading incident response and detection programs at scale. As the Manager of Threat Detection and Response, you will own the operational and strategic direction of security incident response, including team development, program strategy, and capability maturity in alignment with broader security and company objectives.

You will remain hands-on, contributing to day-to-day detection and response activities while designing, building, and operating detection and response capabilities across cloud-native and corporate environments. You will lead large-scale, cross-functional incident response efforts, ensuring effective coordination, clear communication, and timely resolution of complex security events. This role requires strong expertise in detection engineering, attacker techniques, and modern security practices, with the ability to apply these concepts in practical and scalable ways.

You will drive continuous improvement across the Threat Detection and Response program and partner closely with security, IT, and cross-functional stakeholders to align priorities, execute shared initiatives, and ensure comprehensive risk mitigation while minimizing impact to end users across the organization.

 What to expect?

• Develop a team, providing coaching, mentorship, goal setting, and performance feedback.
• Mature effectiveness and efficiency by improving processes, tooling, and documentation.
• Collaborate with security leadership to execute business aligned, risk reduction roadmaps.
• Own execution and prioritization across projects and operations, using agile delivery practices.
• Shape work scope, sequencing, and success criteria in line with department and company needs.
• Enhance tooling, automation, and integrations to improve visibility and reduce manual effort.
• Perform daily alert investigation and response in a cloud-native and traditional environment.
• Investigate and lead teams responding to incidents of varying sizes and complexities
• Define roles and make hiring decisions to grow the team in line with department needs.
• Remain hands on, balancing technical leadership with direct response work.
• Communicate risks and technical concepts with clarity to leadership and stakeholders.
• Define and maintain metrics to measure impact, optimize execution, and guide investment.
• Accelerate adoption of AI, balancing practicality enablement, and risk management.
• Facilitate incident training, including table top exercises.
• Lead and refine detection engineering, including the creation and upkeep of threat detections.
• Collaborate on threat models by incorporating detection use cases into designs.
• Identify systemic issues and collaborate on approaches to address root causes.
• Compose high-quality incident and threat reports for executives.
• Provide insights and input on tool selection to help grow our cybersecurity portfolio.
• Ensure all end users receive delightful and informative interactions with Security.

What you need to be successful

• 6+ years experience in security operations, including alert triage and investigation
• 4+ years conducting large scale incident response activities with 2+ years leading
• 2+ years managing people and security operations teams.
• Comfort operating in ambiguity, balancing strategic thinking, security, and practicality.
• Ability to support occasional off-hours incident response efforts
• Expertise in attacker techniques in cloud-native and traditional environments.
• Hands-on experience owning security technologies (e.g., EDR, AntiVirus, etc.)
• Expertise in AWS audit and security services to investigate cloud centric threats
• Expert usage, data onboarding, and data administration within Splunk
• Mastery of investigation methods and capable of handling complex and ambiguous cases
• Practical experience with cross-platform and hybrid environment investigations
• Ability to perform detailed host analysis on Mac, Windows, & Linux systems
• Proficient in correlating patterns across assets and environments to support investigation.
• Incident lifecycle master with ability to cohesively manage simultaneous workstreams
• Ability to make tactical and fundamental recommendations to improve security
• Ability to design large-scale threat detection using diverse technologies and data sets
• Skilled in evaluating quantitative and qualitative effectiveness of security measures
• Familiarity with modern engineering and detection engineering practices
• Passion for solving complex security problems in innovative and scalable ways
• A drive for change through continuous improvement
• Capable of working independently but possesses a collaborative mindset
• Ability to work in a fast-paced environment, often juggling multiple projects
• Experience working independently and as part of a team

This position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment. 

#LIremote

About the Opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Security Engineer with experience working in cloud-native product infrastructure and corporate environments. In this role, you will manage daily alerts and operations while leading broader collaborative initiatives, such as architecture design, threat modeling, and vulnerability identification, to drive meaningful security improvements. Candidates should be skilled in cloud-native technologies, with demonstrable proficiency in infrastructure-as-code and application development.

This hands-on role offers an opportunity to grow your expertise in cloud technologies and security tooling while making a meaningful impact by embedding security practices and supporting secure third-party integrations in a fast-paced software-as-a-service environment.

What to Expect

• Lead initiatives and partner with teams to embed practical security safeguards and champion a security-first mindset across the business.
• Lead security assessments and remediation for cloud-native applications, infrastructure, and vendor integrations to proactively identify and address risk.
• Support vulnerability management by identifying, tracking, and partnering with teams to drive remediation of security issues across product and corporate environments.
• Develop and maintain security solutions through custom development and effective tool management to enhance efficiency and operational effectiveness.
• Leverage industry standards to develop hardening requirements and monitoring mechanisms that enforce and strengthen the security of systems and environments.
• Advance the development, customization, and maintenance of hardening standards and monitoring mechanisms for systems and environments.
• Drive security and monitoring enhancements to containerized workloads and orchestration platforms.
• Participate actively in incident investigations through independent analysis, contributing to findings, root cause analysis, and remediation efforts.
• Collaborate in defining and monitoring evolving security compliance and regulatory requirements.
• Research and evaluate emerging threats, vulnerabilities, and security technologies to keep defenses up to date.

What You Need to Be Successful

• 4+ years of security engineering, DevSecOps, or equivalent experience.
• Hands-on expertise with AWS architecture, services, and security features.
• Proficiency in Python to build and maintain security tools.
• Familiarity with Kubernetes and container security, including configuration and runtime protection.
• Exposure to JavaScript and Go with the ability to perform security code reviews.
• Experience using Terraform to build, deploy, and maintain infrastructure as code.
• Strong foundational networking knowledge covering cloud networking concepts, the OSI model, TCP/IP, and routing fundamentals.
• Demonstrable ability to embed security considerations throughout the software development lifecycle.
• Hands-on involvement supporting vulnerability management and incident response functions.
• Familiarity with authentication and authorization protocols and mechanisms (OAuth, SAML, JWT, IAM)
• Experience identifying and mitigating OWASP Top 10 vulnerabilities in web applications and APIs.
• Clear and effective communication skills.
• Ability to articulate security risks and tradeoffs to both technical and semi-technical audiences.
• A proactive, growth-oriented mindset focused on continuous learning, innovation, and raising security standards.
• Passionate about designing and performing hands-on implementation work.
• Ability to work in a fast-paced environment, often juggling multiple projects.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

About the Opportunity

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Senior Security Analyst with experience performing analysis and incident management of information security events, as well as experience contributing directly to the growth of and design of a security program. As a Senior Security Analyst, you will have daily alert investigation and incident response responsibilities, but you will be empowered to proactively drive change to shape and support the growth of our Security program.

Candidates should have experience triaging new and unfamiliar alerts, leading technical workstreams in incidents, or leading all aspects of medium scale incidents. They should have experience creating and maintaining high quality threat detection and demonstrate knowledge and understanding of common Information Security principles and frameworks, coupled with excellent communications skills and a continuous desire to learn and grow.

You will be expected to work independently, work as a part of a global dispersed team, and partner with stakeholders throughout the organization to ensure comprehensive risk mitigation while reducing impact to end users throughout the organization.

What to expect? 

• Perform daily alert investigation and response in a hybrid environment.
• Conduct detail-oriented analysis across challenging and complex ecosystems.
• Communicate investigation and threat updates to technical and non technical senior leaders.
• Work collaboratively across internal functions to identify, respond, and remediate security issues.
• Investigate and lead incidents of medium size and complexity.
• Investigate vulnerability exploitation and support remediation inline with vulnerability programs.
• Collaborate with the team and actively assist in major response exercises.
• Drive continuous improvement across all aspects of threat detection and response.
• Create processes, documentation, and runbooks to support a rapidly growing team.
• Identify systemic issues and collaborate on approaches to address root causes.
• Collaborate on threat models by incorporating detection use cases into designs.
• Identify and lead efforts to improve efficiency, response, detection, and preventative measures.
• Design and build detection logic across multiple platforms (e.g., SIEM, EDR, etc.)
• Play an active role in scaling Operation practices by contributing to team roadmaps.
• Provide delightful and informative interactions with all end users.
• Proactively identify opportunities for user training and awareness programs.
• Provide insights and input on tool selection to help grow our cybersecurity portfolio.

What you need to be successful

• 5+ years of Security Operations experience, including alert triage and investigation
• 2+ detection and tuning experience, inclusive of Security Operations experience
• 2+ years of Security Incident Response experience
• Ability to support on call and occasional off-hours incident response efforts
• Proficiency in analysis fundamentals (e.g., log analysis, live response, forensics, etc.)
• Mastery of investigation methods and adept at handling new and unfamiliar cases.
• Firm understanding of attacker Tactics, Techniques, and Procedures
• Proficiency in attacker techniques in cloud-native and traditional environments.
• Strong technology fundamentals (e.g., OSI Model, TCP/IP, Layer 7 protocols , etc.)
• Ability to perform detailed host analysis on Mac, Windows, & Linux systems.
• Hands-on experience using security technologies (e.g., SIEM, EDR, AntiVirus, etc.)
• Hands-on experience with malware analysis using dynamic and static analysis tools.
• Expertise in AWS audit and security services to investigate cloud centric threats
• Proficiency investigating incidents across SaaS platforms and identity systems
• Experience performing investigations in cloud service providers (e.g., AWS, GCP, Azure, etc.)
• Practical experience with cross-platform and hybrid environment investigations
• Ability to interpret designs and enumerate actionable detection use cases
• Familiarity with modern engineering and detection engineering practices
• Practical mindset to balance business needs with security requirements.
• A drive for change through continuous improvement
• Capable of working independently but possesses a collaborative mindset
• Comfortable working with a geographically dispersed team.
• Experience working independently and as part of a team
• Ability to work in a fast-paced environment, often juggling multiple tasks, alerts, and incidents
• Passion for solving complex security problems in innovative and scalable ways

What’s in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days,  education days, compassion days for loss, and volunteer days
• Time off to care for and focus on your growing family 
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication phone/internet stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

#LI-KH1 #LI-Hybrid

About the opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports organization-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven manager who is passionate about solving complex security problems in innovative and scalable ways. As a Manager of Security Engineering, you will own security engineering across Contentful’s corporate systems, including the tooling and platforms that support the internal security team. While this role does not own security for the customer facing product, you will partner closely with product security teams within the security organization on shared responsibilities.

You will balance people leadership with hands-on technical execution, including designing, building, and operating security controls and tooling at scale, with a particular focus on areas such as identity and access management, data security, and SaaS platforms. You will provide strategic guidance and lead initiatives while remaining directly involved in implementation. You may work independently at times, but will more often collaborate closely with security, IT, and cross-functional partners to align strategies, execute shared initiatives, and ensure comprehensive risk mitigation while minimizing impact on end users across the organization.

What to expect?

• Develop a team, providing coaching, mentorship, goal setting, and performance feedback.
• Define roles and make hiring decisions to grow the team in line with department needs.
• Remain hands on, balancing technical leadership with direct implementation work.
• Own execution and prioritization across projects and operations, using agile delivery practices.
• Scale and mature effectiveness and efficiency by improving processes and tooling.
• Champion continuous improvement across all aspects of the security program.
• Continuously improve effectiveness and efficiency by evolving processes and tooling.
• Communicate risks and technical concepts with clarity to leadership and stakeholders.
• Collaborate with security leadership to execute business aligned, risk reduction roadmaps.
• Shape work scope, sequencing, and success criteria inline with department and company needs.
• Drive security processes, standards, and best practices across information technology assets.
• Partner with stakeholders to evolve security awareness and specialized training across all functions.
• Mature capabilities across endpoint, SaaS, and cloud configuration.
• Own strategy evolution of corporate capabilities, including configuration, IAM, and data security.
• Enhance tooling, automation, and integrations to improve visibility and reduce manual effort.
• Support and guide security incident response efforts as a technical leader.
• Support cross functional vulnerability management while advancing the program capabilities.
• Define and maintain metrics to measure impact, optimize execution, and guide investment.
• Partner with cross-functional teams for security enhancement and drive risk reduction.
• Accelerate adoption of AI, balancing practicality enablement, and risk management.
• Stay current on threats, vulnerabilities, and tactics, translating insights into actionable strategies.

What you need to be successful?

• 8+ years of progressive engineering and security experience.
• 3+ years managing people and security engineering teams.
• Comfort operating in ambiguity, balancing strategic thinking, security, and practicality.
• Expertise with AWS, GCP, and Azure.
• Strong hands-on experience designing, implementing, and operating security controls at scale.
• Demonstrated experience securing endpoint, SaaS, and cloud environments.
• Experience working within identity and access management and data security programs.
• Software development experience in modern programming language (Python, Go, etc)
• Hands-on experience using Terraform and infrastructure-as-code.
• Experience applying modern practices to improve efficiency and scalability or security programs.
• Passion for solving complex security problems in innovative and scalable ways.
• Experience using metrics to measure impact, optimize execution, and guide investment decisions.
• Strong communication skills with the ability to explain technical topics to non technical audiences.
• Ability to support occasional off-hours incident response efforts.
• Familiarity with attacker techniques in cloud-native and traditional environments.
• Hands-on experience owning security technologies (e.g., EDR, AntiVirus, etc.)
• Proven ability to lead cross-functional initiatives and influence outcomes without direct authority.
• Experience owning end to end security programs, proactively driving incremental improvement.
• Strong systems thinking, with the ability to design security solutions that scale through efficiency.

What's in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Comprehensive healthcare package covering 100% of monthly health premiums for employees  and 85% of costs for your dependents. 
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days, compassion days for loss,  education days, and volunteer days
• Company paid parental leave to care for and focus on your growing family 
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

This position is eligible for equity awards in accordance with the terms of Contentful’s equity plans.

#LI-Remote

About the opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports organization-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven manager who is passionate about solving complex security problems in innovative and scalable ways. As a Manager of Security Engineering, you will own security engineering across Contentful’s corporate systems, including the tooling and platforms that support the internal security team. While this role does not own security for the customer facing product, you will partner closely with product security teams within the security organization on shared responsibilities.

You will balance people leadership with hands-on technical execution, including designing, building, and operating security controls and tooling at scale, with a particular focus on areas such as identity and access management, data security, and SaaS platforms. You will provide strategic guidance and lead initiatives while remaining directly involved in implementation. You may work independently at times, but will more often collaborate closely with security, IT, and cross-functional partners to align strategies, execute shared initiatives, and ensure comprehensive risk mitigation while minimizing impact on end users across the organization.

What to expect?

• Develop a team, providing coaching, mentorship, goal setting, and performance feedback.
• Define roles and make hiring decisions to grow the team in line with department needs.
• Remain hands on, balancing technical leadership with direct implementation work.
• Own execution and prioritization across projects and operations, using agile delivery practices.
• Scale and mature effectiveness and efficiency by improving processes and tooling.
• Champion continuous improvement across all aspects of the security program.
• Continuously improve effectiveness and efficiency by evolving processes and tooling.
• Communicate risks and technical concepts with clarity to leadership and stakeholders.
• Collaborate with security leadership to execute business aligned, risk reduction roadmaps.
• Shape work scope, sequencing, and success criteria inline with department and company needs.
• Drive security processes, standards, and best practices across information technology assets.
• Partner with stakeholders to evolve security awareness and specialized training across all functions.
• Mature capabilities across endpoint, SaaS, and cloud configuration.
• Own strategy evolution of corporate capabilities, including configuration, IAM, and data security.
• Enhance tooling, automation, and integrations to improve visibility and reduce manual effort.
• Support and guide security incident response efforts as a technical leader.
• Support cross functional vulnerability management while advancing the program capabilities.
• Define and maintain metrics to measure impact, optimize execution, and guide investment.
• Partner with cross-functional teams for security enhancement and drive risk reduction.
• Accelerate adoption of AI, balancing practicality enablement, and risk management.
• Stay current on threats, vulnerabilities, and tactics, translating insights into actionable strategies.

What you need to be successful?

• 8+ years of progressive engineering and security experience.
• 3+ years managing people and security engineering teams.
• Comfort operating in ambiguity, balancing strategic thinking, security, and practicality.
• Expertise with AWS, GCP, and Azure.
• Strong hands-on experience designing, implementing, and operating security controls at scale.
• Demonstrated experience securing endpoint, SaaS, and cloud environments.
• Experience working within identity and access management and data security programs.
• Software development experience in modern programming language (Python, Go, etc)
• Hands-on experience using Terraform and infrastructure-as-code.
• Experience applying modern practices to improve efficiency and scalability or security programs.
• Passion for solving complex security problems in innovative and scalable ways.
• Experience using metrics to measure impact, optimize execution, and guide investment decisions.
• Strong communication skills with the ability to explain technical topics to non technical audiences.
• Ability to support occasional off-hours incident response efforts.
• Familiarity with attacker techniques in cloud-native and traditional environments.
• Hands-on experience owning security technologies (e.g., EDR, AntiVirus, etc.)
• Proven ability to lead cross-functional initiatives and influence outcomes without direct authority.
• Experience owning end to end security programs, proactively driving incremental improvement.
• Strong systems thinking, with the ability to design security solutions that scale through efficiency.

What's in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Comprehensive healthcare package covering 100% of monthly health premiums for employees  and 85% of costs for your dependents. 
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days, compassion days for loss,  education days, and volunteer days
• Company paid parental leave to care for and focus on your growing family 
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

This position is eligible for equity awards in accordance with the terms of Contentful’s equity plans.

#LI-Remote

About the opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports organization-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven manager who is passionate about solving complex security problems in innovative and scalable ways. As a Manager of Security Engineering, you will own security engineering across Contentful’s corporate systems, including the tooling and platforms that support the internal security team. While this role does not own security for the customer facing product, you will partner closely with product security teams within the security organization on shared responsibilities.

You will balance people leadership with hands-on technical execution, including designing, building, and operating security controls and tooling at scale, with a particular focus on areas such as identity and access management, data security, and SaaS platforms. You will provide strategic guidance and lead initiatives while remaining directly involved in implementation. You may work independently at times, but will more often collaborate closely with security, IT, and cross-functional partners to align strategies, execute shared initiatives, and ensure comprehensive risk mitigation while minimizing impact on end users across the organization.

What to expect?

• Develop a team, providing coaching, mentorship, goal setting, and performance feedback.
• Define roles and make hiring decisions to grow the team in line with department needs.
• Remain hands on, balancing technical leadership with direct implementation work.
• Own execution and prioritization across projects and operations, using agile delivery practices.
• Scale and mature effectiveness and efficiency by improving processes and tooling.
• Champion continuous improvement across all aspects of the security program.
• Continuously improve effectiveness and efficiency by evolving processes and tooling.
• Communicate risks and technical concepts with clarity to leadership and stakeholders.
• Collaborate with security leadership to execute business aligned, risk reduction roadmaps.
• Shape work scope, sequencing, and success criteria inline with department and company needs.
• Drive security processes, standards, and best practices across information technology assets.
• Partner with stakeholders to evolve security awareness and specialized training across all functions.
• Mature capabilities across endpoint, SaaS, and cloud configuration.
• Own strategy evolution of corporate capabilities, including configuration, IAM, and data security.
• Enhance tooling, automation, and integrations to improve visibility and reduce manual effort.
• Support and guide security incident response efforts as a technical leader.
• Support cross functional vulnerability management while advancing the program capabilities.
• Define and maintain metrics to measure impact, optimize execution, and guide investment.
• Partner with cross-functional teams for security enhancement and drive risk reduction.
• Accelerate adoption of AI, balancing practicality enablement, and risk management.
• Stay current on threats, vulnerabilities, and tactics, translating insights into actionable strategies.

What you need to be successful?

• 8+ years of progressive engineering and security experience.
• 3+ years managing people and security engineering teams.
• Comfort operating in ambiguity, balancing strategic thinking, security, and practicality.
• Expertise with AWS, GCP, and Azure.
• Strong hands-on experience designing, implementing, and operating security controls at scale.
• Demonstrated experience securing endpoint, SaaS, and cloud environments.
• Experience working within identity and access management and data security programs.
• Software development experience in modern programming language (Python, Go, etc)
• Hands-on experience using Terraform and infrastructure-as-code.
• Experience applying modern practices to improve efficiency and scalability or security programs.
• Passion for solving complex security problems in innovative and scalable ways.
• Experience using metrics to measure impact, optimize execution, and guide investment decisions.
• Strong communication skills with the ability to explain technical topics to non technical audiences.
• Ability to support occasional off-hours incident response efforts.
• Familiarity with attacker techniques in cloud-native and traditional environments.
• Hands-on experience owning security technologies (e.g., EDR, AntiVirus, etc.)
• Proven ability to lead cross-functional initiatives and influence outcomes without direct authority.
• Experience owning end to end security programs, proactively driving incremental improvement.
• Strong systems thinking, with the ability to design security solutions that scale through efficiency.

What's in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Comprehensive healthcare package covering 100% of monthly health premiums for employees  and 85% of costs for your dependents. 
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days, compassion days for loss,  education days, and volunteer days
• Company paid parental leave to care for and focus on your growing family 
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

This position is eligible for equity awards in accordance with the terms of Contentful’s equity plans.

Massachusetts Salary Statement: The salary range displayed is specifically for those potential hires who will work or reside in the state of Massachusetts if selected for the role. Any offered salary is determined based on internal equity, internal salary ranges, market data/ranges, applicant's skills and prior relevant experience, certain degrees and certifications (e.g. JD/technology), for example.

Massachusetts Salary Range: $187,000 - $253,00

#LI-Remote 

About the Opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Security Engineer with experience working in cloud-native product infrastructure and corporate environments. In this role, you will manage daily alerts and operations while leading broader collaborative initiatives, such as architecture design, threat modeling, and vulnerability identification, to drive meaningful security improvements. Candidates should be skilled in cloud-native technologies, with demonstrable proficiency in infrastructure-as-code and application development.

This hands-on role offers an opportunity to grow your expertise in cloud technologies and security tooling while making a meaningful impact by embedding security practices and supporting secure third-party integrations in a fast-paced software-as-a-service environment.

What to Expect

• Lead initiatives and partner with teams to embed practical security safeguards and champion a security-first mindset across the business.
• Lead security assessments and remediation for cloud-native applications, infrastructure, and vendor integrations to proactively identify and address risk.
• Support vulnerability management by identifying, tracking, and partnering with teams to drive remediation of security issues across product and corporate environments.
• Develop and maintain security solutions through custom development and effective tool management to enhance efficiency and operational effectiveness.
• Leverage industry standards to develop hardening requirements and monitoring mechanisms that enforce and strengthen the security of systems and environments.
• Advance the development, customization, and maintenance of hardening standards and monitoring mechanisms for systems and environments.
• Drive security and monitoring enhancements to containerized workloads and orchestration platforms.
• Participate actively in incident investigations through independent analysis, contributing to findings, root cause analysis, and remediation efforts.
• Collaborate in defining and monitoring evolving security compliance and regulatory requirements.
• Research and evaluate emerging threats, vulnerabilities, and security technologies to keep defenses up to date.

What You Need to Be Successful

• 4+ years of security engineering, DevSecOps, or equivalent experience.
• Hands-on expertise with AWS architecture, services, and security features.
• Proficiency in Python to build and maintain security tools.
• Familiarity with Kubernetes and container security, including configuration and runtime protection.
• Exposure to JavaScript and Go with the ability to perform security code reviews.
• Experience using Terraform to build, deploy, and maintain infrastructure as code.
• Strong foundational networking knowledge covering cloud networking concepts, the OSI model, TCP/IP, and routing fundamentals.
• Demonstrable ability to embed security considerations throughout the software development lifecycle.
• Hands-on involvement supporting vulnerability management and incident response functions.
• Familiarity with authentication and authorization protocols and mechanisms (OAuth, SAML, JWT, IAM)
• Experience identifying and mitigating OWASP Top 10 vulnerabilities in web applications and APIs.
• Clear and effective communication skills.
• Ability to articulate security risks and tradeoffs to both technical and semi-technical audiences.
• A proactive, growth-oriented mindset focused on continuous learning, innovation, and raising security standards.
• Passionate about designing and performing hands-on implementation work.
• Ability to work in a fast-paced environment, often juggling multiple projects.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

About the opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports organization-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven manager who is passionate about solving complex security problems in innovative and scalable ways. As a Manager of Security Engineering, you will own security engineering across Contentful’s corporate systems, including the tooling and platforms that support the internal security team. While this role does not own security for the customer facing product, you will partner closely with product security teams within the security organization on shared responsibilities.

You will balance people leadership with hands-on technical execution, including designing, building, and operating security controls and tooling at scale, with a particular focus on areas such as identity and access management, data security, and SaaS platforms. You will provide strategic guidance and lead initiatives while remaining directly involved in implementation. You may work independently at times, but will more often collaborate closely with security, IT, and cross-functional partners to align strategies, execute shared initiatives, and ensure comprehensive risk mitigation while minimizing impact on end users across the organization.

What to expect?

• Develop a team, providing coaching, mentorship, goal setting, and performance feedback.
• Define roles and make hiring decisions to grow the team in line with department needs.
• Remain hands on, balancing technical leadership with direct implementation work.
• Own execution and prioritization across projects and operations, using agile delivery practices.
• Scale and mature effectiveness and efficiency by improving processes and tooling.
• Champion continuous improvement across all aspects of the security program.
• Continuously improve effectiveness and efficiency by evolving processes and tooling.
• Communicate risks and technical concepts with clarity to leadership and stakeholders.
• Collaborate with security leadership to execute business aligned, risk reduction roadmaps.
• Shape work scope, sequencing, and success criteria inline with department and company needs.
• Drive security processes, standards, and best practices across information technology assets.
• Partner with stakeholders to evolve security awareness and specialized training across all functions.
• Mature capabilities across endpoint, SaaS, and cloud configuration.
• Own strategy evolution of corporate capabilities, including configuration, IAM, and data security.
• Enhance tooling, automation, and integrations to improve visibility and reduce manual effort.
• Support and guide security incident response efforts as a technical leader.
• Support cross functional vulnerability management while advancing the program capabilities.
• Define and maintain metrics to measure impact, optimize execution, and guide investment.
• Partner with cross-functional teams for security enhancement and drive risk reduction.
• Accelerate adoption of AI, balancing practicality enablement, and risk management.
• Stay current on threats, vulnerabilities, and tactics, translating insights into actionable strategies.

What you need to be successful?

• 8+ years of progressive engineering and security experience.
• 3+ years managing people and security engineering teams.
• Comfort operating in ambiguity, balancing strategic thinking, security, and practicality.
• Expertise with AWS, GCP, and Azure.
• Strong hands-on experience designing, implementing, and operating security controls at scale.
• Demonstrated experience securing endpoint, SaaS, and cloud environments.
• Experience working within identity and access management and data security programs.
• Software development experience in modern programming language (Python, Go, etc)
• Hands-on experience using Terraform and infrastructure-as-code.
• Experience applying modern practices to improve efficiency and scalability or security programs.
• Passion for solving complex security problems in innovative and scalable ways.
• Experience using metrics to measure impact, optimize execution, and guide investment decisions.
• Strong communication skills with the ability to explain technical topics to non technical audiences.
• Ability to support occasional off-hours incident response efforts.
• Familiarity with attacker techniques in cloud-native and traditional environments.
• Hands-on experience owning security technologies (e.g., EDR, AntiVirus, etc.)
• Proven ability to lead cross-functional initiatives and influence outcomes without direct authority.
• Experience owning end to end security programs, proactively driving incremental improvement.
• Strong systems thinking, with the ability to design security solutions that scale through efficiency.

What's in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Comprehensive healthcare package covering 100% of monthly health premiums for employees  and 85% of costs for your dependents. 
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days, compassion days for loss,  education days, and volunteer days
• Company paid parental leave to care for and focus on your growing family 
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

This position is eligible for equity awards in accordance with the terms of Contentful’s equity plans.

#LI-Remote

About the Opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Security Engineer with experience working in cloud-native product infrastructure and corporate environments. In this role, you will manage daily alerts and operations while leading broader collaborative initiatives, such as architecture design, threat modeling, and vulnerability identification, to drive meaningful security improvements. Candidates should be skilled in cloud-native technologies, with demonstrable proficiency in infrastructure-as-code and application development.

This hands-on role offers an opportunity to grow your expertise in cloud technologies and security tooling while making a meaningful impact by embedding security practices and supporting secure third-party integrations in a fast-paced software-as-a-service environment.

What to Expect

• Lead initiatives and partner with teams to embed practical security safeguards and champion a security-first mindset across the business.
• Lead security assessments and remediation for cloud-native applications, infrastructure, and vendor integrations to proactively identify and address risk.
• Support vulnerability management by identifying, tracking, and partnering with teams to drive remediation of security issues across product and corporate environments.
• Develop and maintain security solutions through custom development and effective tool management to enhance efficiency and operational effectiveness.
• Leverage industry standards to develop hardening requirements and monitoring mechanisms that enforce and strengthen the security of systems and environments.
• Advance the development, customization, and maintenance of hardening standards and monitoring mechanisms for systems and environments.
• Drive security and monitoring enhancements to containerized workloads and orchestration platforms.
• Participate actively in incident investigations through independent analysis, contributing to findings, root cause analysis, and remediation efforts.
• Collaborate in defining and monitoring evolving security compliance and regulatory requirements.
• Research and evaluate emerging threats, vulnerabilities, and security technologies to keep defenses up to date.

What You Need to Be Successful

• 4+ years of security engineering, DevSecOps, or equivalent experience.
• Hands-on expertise with AWS architecture, services, and security features.
• Proficiency in Python to build and maintain security tools.
• Familiarity with Kubernetes and container security, including configuration and runtime protection.
• Exposure to JavaScript and Go with the ability to perform security code reviews.
• Experience using Terraform to build, deploy, and maintain infrastructure as code.
• Strong foundational networking knowledge covering cloud networking concepts, the OSI model, TCP/IP, and routing fundamentals.
• Demonstrable ability to embed security considerations throughout the software development lifecycle.
• Hands-on involvement supporting vulnerability management and incident response functions.
• Familiarity with authentication and authorization protocols and mechanisms (OAuth, SAML, JWT, IAM)
• Experience identifying and mitigating OWASP Top 10 vulnerabilities in web applications and APIs.
• Clear and effective communication skills.
• Ability to articulate security risks and tradeoffs to both technical and semi-technical audiences.
• A proactive, growth-oriented mindset focused on continuous learning, innovation, and raising security standards.
• Passionate about designing and performing hands-on implementation work.
• Ability to work in a fast-paced environment, often juggling multiple projects.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

About the opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports organization-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven manager who is passionate about solving complex security problems in innovative and scalable ways. As a Manager of Security Engineering, you will own security engineering across Contentful’s corporate systems, including the tooling and platforms that support the internal security team. While this role does not own security for the customer facing product, you will partner closely with product security teams within the security organization on shared responsibilities.

You will balance people leadership with hands-on technical execution, including designing, building, and operating security controls and tooling at scale, with a particular focus on areas such as identity and access management, data security, and SaaS platforms. You will provide strategic guidance and lead initiatives while remaining directly involved in implementation. You may work independently at times, but will more often collaborate closely with security, IT, and cross-functional partners to align strategies, execute shared initiatives, and ensure comprehensive risk mitigation while minimizing impact on end users across the organization.

What to expect?

• Develop a team, providing coaching, mentorship, goal setting, and performance feedback.
• Define roles and make hiring decisions to grow the team in line with department needs.
• Remain hands on, balancing technical leadership with direct implementation work.
• Own execution and prioritization across projects and operations, using agile delivery practices.
• Scale and mature effectiveness and efficiency by improving processes and tooling.
• Champion continuous improvement across all aspects of the security program.
• Continuously improve effectiveness and efficiency by evolving processes and tooling.
• Communicate risks and technical concepts with clarity to leadership and stakeholders.
• Collaborate with security leadership to execute business aligned, risk reduction roadmaps.
• Shape work scope, sequencing, and success criteria inline with department and company needs.
• Drive security processes, standards, and best practices across information technology assets.
• Partner with stakeholders to evolve security awareness and specialized training across all functions.
• Mature capabilities across endpoint, SaaS, and cloud configuration.
• Own strategy evolution of corporate capabilities, including configuration, IAM, and data security.
• Enhance tooling, automation, and integrations to improve visibility and reduce manual effort.
• Support and guide security incident response efforts as a technical leader.
• Support cross functional vulnerability management while advancing the program capabilities.
• Define and maintain metrics to measure impact, optimize execution, and guide investment.
• Partner with cross-functional teams for security enhancement and drive risk reduction.
• Accelerate adoption of AI, balancing practicality enablement, and risk management.
• Stay current on threats, vulnerabilities, and tactics, translating insights into actionable strategies.

What you need to be successful?

• 8+ years of progressive engineering and security experience.
• 3+ years managing people and security engineering teams.
• Comfort operating in ambiguity, balancing strategic thinking, security, and practicality.
• Expertise with AWS, GCP, and Azure.
• Strong hands-on experience designing, implementing, and operating security controls at scale.
• Demonstrated experience securing endpoint, SaaS, and cloud environments.
• Experience working within identity and access management and data security programs.
• Software development experience in modern programming language (Python, Go, etc)
• Hands-on experience using Terraform and infrastructure-as-code.
• Experience applying modern practices to improve efficiency and scalability or security programs.
• Passion for solving complex security problems in innovative and scalable ways.
• Experience using metrics to measure impact, optimize execution, and guide investment decisions.
• Strong communication skills with the ability to explain technical topics to non technical audiences.
• Ability to support occasional off-hours incident response efforts.
• Familiarity with attacker techniques in cloud-native and traditional environments.
• Hands-on experience owning security technologies (e.g., EDR, AntiVirus, etc.)
• Proven ability to lead cross-functional initiatives and influence outcomes without direct authority.
• Experience owning end to end security programs, proactively driving incremental improvement.
• Strong systems thinking, with the ability to design security solutions that scale through efficiency.

What's in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Comprehensive healthcare package covering 100% of monthly health premiums for employees  and 85% of costs for your dependents. 
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days, compassion days for loss,  education days, and volunteer days
• Company paid parental leave to care for and focus on your growing family 
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

This position is eligible for equity awards in accordance with the terms of Contentful’s equity plans.

#LI-Remote

About the opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports organization-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven manager who is passionate about solving complex security problems in innovative and scalable ways. As a Manager of Security Engineering, you will own security engineering across Contentful’s corporate systems, including the tooling and platforms that support the internal security team. While this role does not own security for the customer facing product, you will partner closely with product security teams within the security organization on shared responsibilities.

You will balance people leadership with hands-on technical execution, including designing, building, and operating security controls and tooling at scale, with a particular focus on areas such as identity and access management, data security, and SaaS platforms. You will provide strategic guidance and lead initiatives while remaining directly involved in implementation. You may work independently at times, but will more often collaborate closely with security, IT, and cross-functional partners to align strategies, execute shared initiatives, and ensure comprehensive risk mitigation while minimizing impact on end users across the organization.

What to expect?

• Develop a team, providing coaching, mentorship, goal setting, and performance feedback.
• Define roles and make hiring decisions to grow the team in line with department needs.
• Remain hands on, balancing technical leadership with direct implementation work.
• Own execution and prioritization across projects and operations, using agile delivery practices.
• Scale and mature effectiveness and efficiency by improving processes and tooling.
• Champion continuous improvement across all aspects of the security program.
• Continuously improve effectiveness and efficiency by evolving processes and tooling.
• Communicate risks and technical concepts with clarity to leadership and stakeholders.
• Collaborate with security leadership to execute business aligned, risk reduction roadmaps.
• Shape work scope, sequencing, and success criteria inline with department and company needs.
• Drive security processes, standards, and best practices across information technology assets.
• Partner with stakeholders to evolve security awareness and specialized training across all functions.
• Mature capabilities across endpoint, SaaS, and cloud configuration.
• Own strategy evolution of corporate capabilities, including configuration, IAM, and data security.
• Enhance tooling, automation, and integrations to improve visibility and reduce manual effort.
• Support and guide security incident response efforts as a technical leader.
• Support cross functional vulnerability management while advancing the program capabilities.
• Define and maintain metrics to measure impact, optimize execution, and guide investment.
• Partner with cross-functional teams for security enhancement and drive risk reduction.
• Accelerate adoption of AI, balancing practicality enablement, and risk management.
• Stay current on threats, vulnerabilities, and tactics, translating insights into actionable strategies.

What you need to be successful?

• 8+ years of progressive engineering and security experience.
• 3+ years managing people and security engineering teams.
• Comfort operating in ambiguity, balancing strategic thinking, security, and practicality.
• Expertise with AWS, GCP, and Azure.
• Strong hands-on experience designing, implementing, and operating security controls at scale.
• Demonstrated experience securing endpoint, SaaS, and cloud environments.
• Experience working within identity and access management and data security programs.
• Software development experience in modern programming language (Python, Go, etc)
• Hands-on experience using Terraform and infrastructure-as-code.
• Experience applying modern practices to improve efficiency and scalability or security programs.
• Passion for solving complex security problems in innovative and scalable ways.
• Experience using metrics to measure impact, optimize execution, and guide investment decisions.
• Strong communication skills with the ability to explain technical topics to non technical audiences.
• Ability to support occasional off-hours incident response efforts.
• Familiarity with attacker techniques in cloud-native and traditional environments.
• Hands-on experience owning security technologies (e.g., EDR, AntiVirus, etc.)
• Proven ability to lead cross-functional initiatives and influence outcomes without direct authority.
• Experience owning end to end security programs, proactively driving incremental improvement.
• Strong systems thinking, with the ability to design security solutions that scale through efficiency.

What's in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Comprehensive healthcare package covering 100% of monthly health premiums for employees  and 85% of costs for your dependents. 
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days, compassion days for loss,  education days, and volunteer days
• Company paid parental leave to care for and focus on your growing family 
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

This position is eligible for equity awards in accordance with the terms of Contentful’s equity plans.

#LI-Remote

About the opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports organization-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven manager who is passionate about solving complex security problems in innovative and scalable ways. As a Manager of Security Engineering, you will own security engineering across Contentful’s corporate systems, including the tooling and platforms that support the internal security team. While this role does not own security for the customer facing product, you will partner closely with product security teams within the security organization on shared responsibilities.

You will balance people leadership with hands-on technical execution, including designing, building, and operating security controls and tooling at scale, with a particular focus on areas such as identity and access management, data security, and SaaS platforms. You will provide strategic guidance and lead initiatives while remaining directly involved in implementation. You may work independently at times, but will more often collaborate closely with security, IT, and cross-functional partners to align strategies, execute shared initiatives, and ensure comprehensive risk mitigation while minimizing impact on end users across the organization.

What to expect?

• Develop a team, providing coaching, mentorship, goal setting, and performance feedback.
• Define roles and make hiring decisions to grow the team in line with department needs.
• Remain hands on, balancing technical leadership with direct implementation work.
• Own execution and prioritization across projects and operations, using agile delivery practices.
• Scale and mature effectiveness and efficiency by improving processes and tooling.
• Champion continuous improvement across all aspects of the security program.
• Continuously improve effectiveness and efficiency by evolving processes and tooling.
• Communicate risks and technical concepts with clarity to leadership and stakeholders.
• Collaborate with security leadership to execute business aligned, risk reduction roadmaps.
• Shape work scope, sequencing, and success criteria inline with department and company needs.
• Drive security processes, standards, and best practices across information technology assets.
• Partner with stakeholders to evolve security awareness and specialized training across all functions.
• Mature capabilities across endpoint, SaaS, and cloud configuration.
• Own strategy evolution of corporate capabilities, including configuration, IAM, and data security.
• Enhance tooling, automation, and integrations to improve visibility and reduce manual effort.
• Support and guide security incident response efforts as a technical leader.
• Support cross functional vulnerability management while advancing the program capabilities.
• Define and maintain metrics to measure impact, optimize execution, and guide investment.
• Partner with cross-functional teams for security enhancement and drive risk reduction.
• Accelerate adoption of AI, balancing practicality enablement, and risk management.
• Stay current on threats, vulnerabilities, and tactics, translating insights into actionable strategies.

What you need to be successful?

• 8+ years of progressive engineering and security experience.
• 3+ years managing people and security engineering teams.
• Comfort operating in ambiguity, balancing strategic thinking, security, and practicality.
• Expertise with AWS, GCP, and Azure.
• Strong hands-on experience designing, implementing, and operating security controls at scale.
• Demonstrated experience securing endpoint, SaaS, and cloud environments.
• Experience working within identity and access management and data security programs.
• Software development experience in modern programming language (Python, Go, etc)
• Hands-on experience using Terraform and infrastructure-as-code.
• Experience applying modern practices to improve efficiency and scalability or security programs.
• Passion for solving complex security problems in innovative and scalable ways.
• Experience using metrics to measure impact, optimize execution, and guide investment decisions.
• Strong communication skills with the ability to explain technical topics to non technical audiences.
• Ability to support occasional off-hours incident response efforts.
• Familiarity with attacker techniques in cloud-native and traditional environments.
• Hands-on experience owning security technologies (e.g., EDR, AntiVirus, etc.)
• Proven ability to lead cross-functional initiatives and influence outcomes without direct authority.
• Experience owning end to end security programs, proactively driving incremental improvement.
• Strong systems thinking, with the ability to design security solutions that scale through efficiency.

What's in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Comprehensive healthcare package covering 100% of monthly health premiums for employees  and 85% of costs for your dependents. 
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days, compassion days for loss,  education days, and volunteer days
• Company paid parental leave to care for and focus on your growing family 
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

This position is eligible for equity awards in accordance with the terms of Contentful’s equity plans.

New York Salary Statement: The salary range displayed is specifically for those potential hires who will work or reside in the state of New York if selected for the role. Any offered salary is determined based on internal equity, internal salary ranges, market data/ranges, applicant's skills and prior relevant experience, certain degrees and certifications (e.g. JD/technology), for example.

New York Salary Range: $187,000 - $253,00

#LI-Remote

About the Opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Security Engineer with experience working in cloud-native product infrastructure and corporate environments. In this role, you will manage daily alerts and operations while leading broader collaborative initiatives, such as architecture design, threat modeling, and vulnerability identification, to drive meaningful security improvements. Candidates should be skilled in cloud-native technologies, with demonstrable proficiency in infrastructure-as-code and application development.

This hands-on role offers an opportunity to grow your expertise in cloud technologies and security tooling while making a meaningful impact by embedding security practices and supporting secure third-party integrations in a fast-paced software-as-a-service environment.

What to Expect

• Lead initiatives and partner with teams to embed practical security safeguards and champion a security-first mindset across the business.
• Lead security assessments and remediation for cloud-native applications, infrastructure, and vendor integrations to proactively identify and address risk.
• Support vulnerability management by identifying, tracking, and partnering with teams to drive remediation of security issues across product and corporate environments.
• Develop and maintain security solutions through custom development and effective tool management to enhance efficiency and operational effectiveness.
• Leverage industry standards to develop hardening requirements and monitoring mechanisms that enforce and strengthen the security of systems and environments.
• Advance the development, customization, and maintenance of hardening standards and monitoring mechanisms for systems and environments.
• Drive security and monitoring enhancements to containerized workloads and orchestration platforms.
• Participate actively in incident investigations through independent analysis, contributing to findings, root cause analysis, and remediation efforts.
• Collaborate in defining and monitoring evolving security compliance and regulatory requirements.
• Research and evaluate emerging threats, vulnerabilities, and security technologies to keep defenses up to date.

What You Need to Be Successful

• 4+ years of security engineering, DevSecOps, or equivalent experience.
• Hands-on expertise with AWS architecture, services, and security features.
• Proficiency in Python to build and maintain security tools.
• Familiarity with Kubernetes and container security, including configuration and runtime protection.
• Exposure to JavaScript and Go with the ability to perform security code reviews.
• Experience using Terraform to build, deploy, and maintain infrastructure as code.
• Strong foundational networking knowledge covering cloud networking concepts, the OSI model, TCP/IP, and routing fundamentals.
• Demonstrable ability to embed security considerations throughout the software development lifecycle.
• Hands-on involvement supporting vulnerability management and incident response functions.
• Familiarity with authentication and authorization protocols and mechanisms (OAuth, SAML, JWT, IAM)
• Experience identifying and mitigating OWASP Top 10 vulnerabilities in web applications and APIs.
• Clear and effective communication skills.
• Ability to articulate security risks and tradeoffs to both technical and semi-technical audiences.
• A proactive, growth-oriented mindset focused on continuous learning, innovation, and raising security standards.
• Passionate about designing and performing hands-on implementation work.
• Ability to work in a fast-paced environment, often juggling multiple projects.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

About the Opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports corporate-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven Security Engineer with experience working in cloud-native product infrastructure and corporate environments. In this role, you will manage daily alerts and operations while leading broader collaborative initiatives, such as architecture design, threat modeling, and vulnerability identification, to drive meaningful security improvements. Candidates should be skilled in cloud-native technologies, with demonstrable proficiency in infrastructure-as-code and application development.

This hands-on role offers an opportunity to grow your expertise in cloud technologies and security tooling while making a meaningful impact by embedding security practices and supporting secure third-party integrations in a fast-paced software-as-a-service environment.

What to Expect

• Lead initiatives and partner with teams to embed practical security safeguards and champion a security-first mindset across the business.
• Lead security assessments and remediation for cloud-native applications, infrastructure, and vendor integrations to proactively identify and address risk.
• Support vulnerability management by identifying, tracking, and partnering with teams to drive remediation of security issues across product and corporate environments.
• Develop and maintain security solutions through custom development and effective tool management to enhance efficiency and operational effectiveness.
• Leverage industry standards to develop hardening requirements and monitoring mechanisms that enforce and strengthen the security of systems and environments.
• Advance the development, customization, and maintenance of hardening standards and monitoring mechanisms for systems and environments.
• Drive security and monitoring enhancements to containerized workloads and orchestration platforms.
• Participate actively in incident investigations through independent analysis, contributing to findings, root cause analysis, and remediation efforts.
• Collaborate in defining and monitoring evolving security compliance and regulatory requirements.
• Research and evaluate emerging threats, vulnerabilities, and security technologies to keep defenses up to date.

What You Need to Be Successful

• 4+ years of security engineering, DevSecOps, or equivalent experience.
• Hands-on expertise with AWS architecture, services, and security features.
• Proficiency in Python to build and maintain security tools.
• Familiarity with Kubernetes and container security, including configuration and runtime protection.
• Exposure to JavaScript and Go with the ability to perform security code reviews.
• Experience using Terraform to build, deploy, and maintain infrastructure as code.
• Strong foundational networking knowledge covering cloud networking concepts, the OSI model, TCP/IP, and routing fundamentals.
• Demonstrable ability to embed security considerations throughout the software development lifecycle.
• Hands-on involvement supporting vulnerability management and incident response functions.
• Familiarity with authentication and authorization protocols and mechanisms (OAuth, SAML, JWT, IAM)
• Experience identifying and mitigating OWASP Top 10 vulnerabilities in web applications and APIs.
• Clear and effective communication skills.
• Ability to articulate security risks and tradeoffs to both technical and semi-technical audiences.
• A proactive, growth-oriented mindset focused on continuous learning, innovation, and raising security standards.
• Passionate about designing and performing hands-on implementation work.
• Ability to work in a fast-paced environment, often juggling multiple projects.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

About the opportunity

Candidates must be located in the eastern time zone

Contentful strives to build a secure and safe service and commits considerable effort and resources to security. Our Security team supports organization-wide information security management programs and collaborates closely with internal teams. We believe that Security must be anchored by DevOps principles with strong repeatable processes.

We are looking for a committed and driven manager who is passionate about solving complex security problems in innovative and scalable ways. As a Manager of Security Engineering, you will own security engineering across Contentful’s corporate systems, including the tooling and platforms that support the internal security team. While this role does not own security for the customer facing product, you will partner closely with product security teams within the security organization on shared responsibilities.

You will balance people leadership with hands-on technical execution, including designing, building, and operating security controls and tooling at scale, with a particular focus on areas such as identity and access management, data security, and SaaS platforms. You will provide strategic guidance and lead initiatives while remaining directly involved in implementation. You may work independently at times, but will more often collaborate closely with security, IT, and cross-functional partners to align strategies, execute shared initiatives, and ensure comprehensive risk mitigation while minimizing impact on end users across the organization.

What to expect?

• Develop a team, providing coaching, mentorship, goal setting, and performance feedback.
• Define roles and make hiring decisions to grow the team in line with department needs.
• Remain hands on, balancing technical leadership with direct implementation work.
• Own execution and prioritization across projects and operations, using agile delivery practices.
• Scale and mature effectiveness and efficiency by improving processes and tooling.
• Champion continuous improvement across all aspects of the security program.
• Continuously improve effectiveness and efficiency by evolving processes and tooling.
• Communicate risks and technical concepts with clarity to leadership and stakeholders.
• Collaborate with security leadership to execute business aligned, risk reduction roadmaps.
• Shape work scope, sequencing, and success criteria inline with department and company needs.
• Drive security processes, standards, and best practices across information technology assets.
• Partner with stakeholders to evolve security awareness and specialized training across all functions.
• Mature capabilities across endpoint, SaaS, and cloud configuration.
• Own strategy evolution of corporate capabilities, including configuration, IAM, and data security.
• Enhance tooling, automation, and integrations to improve visibility and reduce manual effort.
• Support and guide security incident response efforts as a technical leader.
• Support cross functional vulnerability management while advancing the program capabilities.
• Define and maintain metrics to measure impact, optimize execution, and guide investment.
• Partner with cross-functional teams for security enhancement and drive risk reduction.
• Accelerate adoption of AI, balancing practicality enablement, and risk management.
• Stay current on threats, vulnerabilities, and tactics, translating insights into actionable strategies.

What you need to be successful?

• 8+ years of progressive engineering and security experience.
• 3+ years managing people and security engineering teams.
• Comfort operating in ambiguity, balancing strategic thinking, security, and practicality.
• Expertise with AWS, GCP, and Azure.
• Strong hands-on experience designing, implementing, and operating security controls at scale.
• Demonstrated experience securing endpoint, SaaS, and cloud environments.
• Experience working within identity and access management and data security programs.
• Software development experience in modern programming language (Python, Go, etc)
• Hands-on experience using Terraform and infrastructure-as-code.
• Experience applying modern practices to improve efficiency and scalability or security programs.
• Passion for solving complex security problems in innovative and scalable ways.
• Experience using metrics to measure impact, optimize execution, and guide investment decisions.
• Strong communication skills with the ability to explain technical topics to non technical audiences.
• Ability to support occasional off-hours incident response efforts.
• Familiarity with attacker techniques in cloud-native and traditional environments.
• Hands-on experience owning security technologies (e.g., EDR, AntiVirus, etc.)
• Proven ability to lead cross-functional initiatives and influence outcomes without direct authority.
• Experience owning end to end security programs, proactively driving incremental improvement.
• Strong systems thinking, with the ability to design security solutions that scale through efficiency.

What's in it for you?

• Join an ambitious tech company reshaping the way people build digital experiences
• Full-time employees receive Stock Options for the opportunity to share in the success of our company
• Comprehensive healthcare package covering 100% of monthly health premiums for employees  and 85% of costs for your dependents. 
• Fertility and family building benefits, including a lifetime reimbursable wallet to support your growing family.
• We value Work-Life balance and You Time! A generous amount of paid time off, including vacation days, sick days, compassion days for loss,  education days, and volunteer days
• Company paid parental leave to care for and focus on your growing family 
• Use your personal annual education budget to improve your skills and grow in your career
• Enjoy a full range of virtual and in-person events, including workshops, guest speakers, and fun team activities, supporting learning and networking exchange beyond the usual work duties 
• An annual wellbeing stipend to care for your physical, financial, or emotional health
• A monthly communication stipend and phone hardware upgrade reimbursement.
• New hire office equipment stipend for hybrid or distributed employees. Get the gear you need to work at your best.

This role will need to be conducted in a state in which we are currently registered to do business. In addition, this position is not eligible for visa sponsorship. Applicants must be authorized to work without the need for visa sponsorship by the start date of employment.

This position is eligible for equity awards in accordance with the terms of Contentful’s equity plans.

New Jersey Salary Statement: The salary range displayed is specifically for those potential hires who will work or reside in the state of New Jersey if selected for the role. Any offered salary is determined based on internal equity, internal salary ranges, market data/ranges, applicant's skills and prior relevant experience, certain degrees and certifications (e.g. JD/technology), for example.

New Jersey Salary Range: $187,000 - $253,00

#LI-Remote