Security Engineering Manager jobs in United States

Thorlabs · 4 months ago

Security Engineering Manager

Thorlabs is committed to advancing science through innovative photonics technologies. The Security Engineering Manager will lead cybersecurity engineering, architecture, and operations, collaborating with IT and business stakeholders while managing the security engineering team and optimizing security operations.

Health Care · Manufacturing
H1B Sponsor Likely

Responsibilities

Serve as a strategic advisor to the IT leadership team on emerging threats, investment priorities, and security posture
Set and track KPIs, KRIs, OKRs, and metrics to ensure effectiveness and continuous improvement
Collaborate closely with Infrastructure and Operations, Enterprise Applications, Application Development, and Enterprise Data teams to embed security into their processes
Present to executive stakeholders and help translate technical risk into business impact
Serve as the security SME in enterprise projects and technology investments (tool evaluations, acquisitions, and divestitures), including strategic planning, budgeting, and cross-functional alignment
Define and drive the enterprise security architecture roadmap across infrastructure, cloud, applications, and Operational Technology (OT)
Lead the design and implementation of security controls, frameworks, and reference architectures
Oversee architecture reviews and secure-by-design practices across the organization
Ensure baseline security measures are implemented and monitored (e.g., hardening, patching, zero trust, segmentation)
Manage integration and ongoing optimization of security tools (e.g., CSPM, CNAPP, IAM, PKI, DLP)
Lead the Security Engineering function responsible for Identity and Access Management
Architect and enhance enterprise IAM strategy including RBAC, PAM, MFA, SoD, and JML lifecycle
Drive IAM policy creation and enforcement across service, privileged, and user accounts
Guide the definition of IAM operating models, access certification processes, and automation of identity governance
Oversee day-to-day security operations including SOC management (outsourced), SIEM/SOAR (Microsoft Sentinel), EDR/XDR, and threat detection and response
Collaborate with the SOC to improve detection rules, reduce false positives, and ensure robust incident detection and response capabilities
Plan and oversee penetration testing, forensic analysis, and incident investigations
Align security architecture and operations with regulatory frameworks such as NIST, ISO 27001, CMMC, PCI-DSS, and GDPR
Partner with the GRC and Audit teams to ensure technical controls support broader compliance and risk
Coordinate with the GRC team to support policy development, risk assessments, and business continuity/disaster recovery planning

Qualification

Cybersecurity Engineering, Security Architecture, Identity, Access Management, Security Operations, Governance, Risk, Compliance, Strategic Planning, Incident Response, Leadership, Collaboration

Required

Proven ability to manage teams
Experience architecting complex solutions
Ability to influence across departments
Experience in cybersecurity engineering, architecture, and operations
Experience with enterprise security architecture (both Cloud and on-prem)
Experience managing security engineering teams
Experience optimizing security operations including an outsourced SOC
Ability to serve as a strategic advisor to IT leadership on emerging threats and security posture
Experience setting and tracking KPIs, KRIs, OKRs, and metrics
Experience collaborating with Infrastructure and Operations, Enterprise Applications, Application Development, and Enterprise Data teams
Ability to present to executive stakeholders and translate technical risk into business impact
Experience defining and driving enterprise security architecture roadmap
Experience leading design and implementation of security controls, frameworks, and reference architectures
Experience overseeing architecture reviews and secure-by-design practices
Experience managing integration and ongoing optimization of security tools
Experience leading Security Engineering function responsible for Identity and Access Management
Experience architecting and enhancing enterprise IAM strategy including RBAC, PAM, MFA, SoD, and JML lifecycle
Experience driving IAM policy creation and enforcement
Experience guiding definition of IAM operating models and access certification processes
Experience overseeing day-to-day security operations including SOC management, SIEM/SOAR, EDR/XDR, and threat detection and response
Experience planning and overseeing penetration testing, forensic analysis, and incident investigations
Experience aligning security architecture and operations with regulatory frameworks such as NIST, ISO 27001, CMMC, PCI-DSS, and GDPR
Experience partnering with GRC and Audit teams to ensure technical controls support compliance and risk
Experience coordinating with GRC team to support policy development, risk assessments, and business continuity/disaster recovery planning

Company

Thorlabs

Thorlabs is a privately held optical equipment company.

H1B Sponsorship

Thorlabs has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (11)
2024 (8)
2023 (2)
2022 (8)
2021 (6)
2020 (3)

Funding

Current Stage
Late Stage

Leadership Team

Peter Heim, Chief Technology Officer & General Manager
Larry Wineberg, CFO
Company data provided by crunchbase