You would need to go to the domain model, double click on your employee entity and add a security rule for the manager which has an xpath to the user.
Something like:
[Module.Employee_Manager/Module.Manager/Module.Manager_Account = '[%CurrentUser%]']
You could add xpath constraints to your domain model so that a manager is only allowed to see employees associated with him.
If that is not possible because of other program logic, you can add such a constraint to your data grid/view/…
The xpath does not care if its 1-1, 1-* or *-*