Application Security Manager

Alter DomusChicago, ND
Hybrid

About The Position

We are looking for an Application Security Manager to lead and scale our Application Security program. Reporting to the Global Head of Security, you will be the connective tissue between Engineering and Security — embedding security into how we build, not bolting it on after the fact. You have deep empathy for developers and understand their tools and workflows. You lead with automation and actionable guidance, not friction. You are equally comfortable conducting threat models and code reviews as you are building CI/CD integrations and running a Security Champions program.

Requirements

  • 4+ years of hands-on application security experience, including cloud-based and containerized environments.
  • Proven experience with secure code reviews and ability to interpret SAST, SCA, and DAST findings and translate them into developer-friendly guidance.
  • Strong working knowledge of modern CI/CD workflows, including Azure Pipelines and GitHub Actions.
  • Deep familiarity with the OWASP Top 10 for web applications and APIs, and how to apply them in practice.
  • Hands-on experience with security tooling such as Snyk, Cycode, Apiiro, Burp Suite, or equivalents.
  • Familiarity with cloud platforms (AWS, Azure) and containerization technologies (Docker, Kubernetes).
  • Ability to communicate complex security concepts clearly and drive buy-in across engineering levels with minimal supervision.
  • Strong collaboration skills and a developer-first mindset — you make security easier, not harder.

Nice To Haves

  • Proficiency in Python, Java, or C#.
  • Exposure to AI-SBOM and familiarity with AI-SDLC security considerations.
  • Experience building or scaling a Security Champions program.
  • Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent professional experience).

Responsibilities

  • Lead secure design reviews and threat modeling to surface risks early in the development lifecycle.
  • Deploy and operationalize SAST, DAST, SCA, and secrets scanning across repositories and pipelines.
  • Partner with the Platform DevOps team to build and maintain security automation that embeds inline checks into CI/CD pipelines.
  • Help architect secure-by-default frameworks, workflows, and reusable patterns for engineering teams.
  • Conduct application security code reviews and provide clear, developer-friendly remediation guidance aligned with secure coding practices.
  • Define and enforce SLA governance for security findings — from identification and prioritization through to remediation tracking.
  • Maintain an accurate and up-to-date application asset inventory.
  • Create and maintain Developer Security Standards with deep familiarity across Azure DevOps, GitHub Enterprise, and GitHub Advanced Security.
  • Evaluate and implement security tooling and automation to continuously improve application security posture and operational efficiency.
  • Lead the Security Champions Program to build a security-first culture across engineering and IT operations.
  • Serve as a trusted advisor to development and cross-functional teams, translating security risks into concrete, prioritized actions.
  • Deliver training on secure coding practices that empowers developers to proactively own security outcomes.

Benefits

  • Support for professional accreditations
  • Flexible arrangements
  • Generous holidays
  • An additional day off for your birthday
  • Continuous mentoring along your career progression
  • Active sports, events and social committees across our offices
  • 24/7 support available from our Employee Assistance Program
  • The opportunity to invest in our growth and success through our Employee Share Plan
  • Additional local benefits depending on your location
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service