Application Security Manager (People Leader)

About The Position

Requirements

• Deep understanding of application security principles, vulnerabilities, and mitigation strategies.
• Expertise in secure coding practices and common web application security threats.
• Experience with security assessment tools and methodologies (e.g., penetration testing, static code analysis).
• Knowledge of software development lifecycle (SDLC) and Agile methodologies.
• Strong communication and collaboration skills to work effectively with development teams.
• Leadership and ability to influence stakeholders at all levels.
• Relevant security certifications (e.g., CISSP, CISM, CISA, OSCP, OWASP).

Responsibilities

• Establish and maintain application security policies, standards, and guidelines aligned with industry best practices.
• Develop a comprehensive application security strategy to identify and prioritize security risks.
• Create and implement application security awareness training programs for developers and other stakeholders.
• Conduct regular security assessments of applications, including SAST scanning, code reviews, and threat modeling.
• Identify and prioritize vulnerabilities discovered during security assessments.
• Work with development teams to remediate vulnerabilities and track remediation progress.
• Collaborate with development teams to integrate security practices into the entire software development lifecycle (SDLC).
• Champion secure coding practices and promote the use of security tools within the development process.
• Manage and mentor a team of application security engineers.
• Develop and maintain the technical expertise of the application security team.