Senior Manager – Application Security (Remote)

Job summary

The Senior Manager of Application Security is responsible for leading a global team that integrates security into the Software Development Lifecycle (SDLC). This role emphasizes secure development practices while collaborating with product and engineering teams to mitigate risks and enhance innovation.

Qualifications

• Over 10 years of experience in software, application, or product security, with a strong background in secure software development.
• At least 3 years of technical leadership or management experience in a security-focused role.
• Extensive knowledge of threat modeling methodologies and risk assessment, particularly in SaaS environments.
• Proven experience in running Security Champions programs and enhancing developer engagement.
• Familiarity with governance frameworks such as ISO 27001 and SOC 2.
• Experience with AI/LLM tooling and security considerations related to these technologies.
• Proficient in securing API-driven and microservice architectures, particularly in AWS environments.

Responsibilities

• Lead and mentor a globally distributed team focused on application security and vulnerability remediation.
• Coordinate cross-functional initiatives and manage project leadership within the team.
• Integrate security into the product lifecycle through threat modeling and risk reviews.
• Oversee bug bounty and third-party testing programs to ensure effective vulnerability management.
• Develop and scale a Security Champions program to promote security ownership within engineering teams.
• Guide the secure adoption of AI-driven development tools and workflows.
• Define and report on key performance indicators for secure development practices and developer engagement.
• Collaborate with Privacy, Legal, and Compliance teams to ensure regulatory alignment.

Skills

• Strong communication skills to convey technical risks to non-technical stakeholders.
• Ability to build relationships and influence cross-functional teams.
• Problem-solving skills to identify scalable, risk-based solutions.

Education

• Relevant degree in Computer Science, Information Security, or a related field is preferred.

Tools

• Familiarity with security tools and methodologies, including penetration testing and vulnerability management tools.