Engineering Manager, Security

EvenUp is on a mission to close the justice gap using technology and AI. We empower personal injury lawyers and victims to get the justice they deserve. Our products enable law firms to secure faster settlements, higher payouts, and better outcomes for victims injured through no fault of their own in vehicle collisions, accidents, natural disasters, and more.

We are one of the fastest-growing vertical SaaS companies in history, and we are just getting started. EvenUp is backed by top VCs, including Bessemer Venture Partners, Bain Capital Ventures, SignalFire, and Lightspeed. We are looking to expand our team with talented, driven, and collaborative individuals who seek to have a lasting impact. Learn more at www.evenuplaw.com.

Today, our engineering team is roughly 120 people, but by the end of 2026, we’ll roughly double in size. As we grow, we’re looking for a strong Manager to work cross-functionally and manage our security and IT teams within our infrastructure team. We need a hands-on Security Manager to lead our Security efforts and drive our growth. You’ll help us evaluate whether to build or buy security solutions.

• →

  Security Strategy & Team Leadership - Define EvenUp's security roadmap and lead a growing Security & IT team. Serve as the internal authority on risk and security posture, advising engineering, legal, and the executive team. Hire and develop talent as the function scales.

• →

  Compliance (SOC 2 & HIPAA) - Own our SOC 2 Type II and HIPAA programs end-to-end: gap assessments, control design, audit readiness, and ongoing compliance. Maintain policies and procedures, manage auditor relationships, and stay ahead of evolving regulatory requirements.

• →

  Product Security - Partner with Engineering to embed security into the SDLC through threat modeling, secure design reviews, and vulnerability management (SAST, DAST, pen testing). Champion a shift-left, security-by-design culture across the product org.

• →

  Corporate IT & Infrastructure Security - Own corporate IT systems (MDM, SSO/IdP, endpoint security, IAM) and cloud security posture. Evaluate and deploy security tooling. Enforce least-privilege and zero-trust principles across the organization.

• →

  Vendor & Third-Party Risk Management - Lead the vendor risk program, including security assessments, contract reviews (BAAs, DPAs), and ongoing monitoring of third-party risk exposure.

• →

  Incident Response & Risk Management - Maintain the risk register, run periodic risk assessments, and own the incident response plan. Lead tabletops, manage live incidents, and coordinate breach notification in partnership with legal.

• →

  Security Culture & Enablement - Drive security awareness across the company through training, documentation, and internal evangelism. Coach engineers and business teams on best practices and build a security-first culture from the inside out.

• →

  Mentorship & Growth: Recruit, mentor, and develop engineers through regular feedback, coaching, and career development. Support performance management, growth planning, and team health.

EvenUp has been made aware of fraudulent job postings and unaffiliated third parties posing as our recruiting team – please know that we have no affiliation or connection to these situations. We only post open roles on our career page (evenuplaw.com/careers) or reputable job boards like our official LinkedIn or Indeed pages, and all official EvenUp recruitment emails will come from the domains @evenuplaw.com, @evenup.ai, @ext-evenuplaw.com, no-reply@ashbyhq.com or no‑reply@canditech.io email addresses.

To ensure fairness and proper consideration, we do not accept resumes or expressions of interest via email or social media messages. If you’re interested in a role, please submit your application directly through our careers page.

If you receive communication from someone you believe is impersonating EvenUp, please report it to us at talent-ops-team@evenuplaw.com. Examples of fraudulent domains include “careers-evenuplaw.com” and “careers-evenuplaws.com”.