Manager, Application Security

This is a fully remote position, open to applicants in United States.

📋 Description

• Formulate and implement an application security strategy that encompasses threat modeling, secure code review methodologies, and vulnerability management.

• Create and uphold secure software development lifecycle practices and standards across all engineering teams.

• Supervise vulnerability management initiatives, including triage, tracking of remediation, and reporting to executives.

• Administer the application security tool portfolio, which includes SAST, DAST, and software composition analysis platforms.

• Direct threat modeling and architectural security assessments for key systems and new projects.

• Facilitate third-party security evaluations, penetration testing, and code reviews.

• Promote security awareness and training programs specifically designed for developers and architects.

• Set up KPIs and executive dashboards to convey the application security posture and risk trends.

• Collaborate with Engineering, DevOps, and Product leadership to integrate security into CI/CD pipelines and release procedures.

• Define and enforce application security policies, standards, and control frameworks.

• Assess and respond to new threats, CVEs, and industry advancements pertinent to application security.

• Lead, mentor, and develop a team of application security engineers.

⛳️ Requirements

• Bachelor's Degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent professional experience.

• At least seven years of experience in application security, software development, or related security engineering roles.

• A minimum of three years of supervisory or leadership experience.

• Proven understanding of secure coding principles, OWASP vulnerabilities, and threat modeling methodologies.

• Expertise with application security tools, including SAST, DAST, and software composition analysis platforms.

• Excellent communication skills – comfortable presenting risks to executives as well as guiding engineers through code corrections.

• Strong verbal and written communication abilities.

• Highly organized and detail-oriented; adept at working in a fast-paced, metrics-driven environment.

• Proficient in Microsoft Office Suite, Word, Excel, Wiki, collaborative cloud-based applications, and third-party software tools.

🏝️ Benefits

• Medical insurance

• Dental insurance

• Vision insurance

• Life insurance

• AD&D insurance

• Long-term disability insurance

• 401(k) with employer match