Application Security Manager

About The Position

Requirements

• Bachelor’s degree in Information Technology, Computer Science, or related field, or equivalent work experience
• 10 or more years of IT experience, including 5 or more years in security leadership roles
• Strong experience with security and compliance frameworks such as NIST, HIPAA, HITRUST, GDPR, and FedRAMP
• Experience designing and implementing enterprise security controls across applications, infrastructure, and networks
• Experience with vulnerability management tools and processes including SAST, DAST, and penetration testing
• Strong understanding of risk management, audit processes, and compliance reporting
• Experience troubleshooting complex security issues across environments
• Strong written and verbal communication skills
• Strong analytical and problem‑solving skills
• Ability to identify and mitigate security risks across complex environments
• Strong leadership and decision‑making capabilities
• Effective communication with technical and executive stakeholders
• Detail‑oriented with a focus on compliance and quality
• Ability to work in high‑pressure and on‑call environments
• Collaborative mindset with cross‑functional teams
• Continuous improvement and security‑focused mindset

Nice To Haves

• Experience with AWS security architecture and compliance practices
• Professional certifications such as CISSP, CISA, CISM, or CCSP
• Experience working in highly regulated or government environments
• Experience implementing automated security and compliance solutions

Responsibilities

• Design and implement enterprise data security management and operational models
• Establish and enforce security standards aligned with frameworks such as NIST, FIPS, and FedRAMP
• Provide architectural and configuration guidance to ensure secure, compliant environments
• Evaluate and recommend security tools, technologies, and controls
• Partner with privacy, security, and compliance teams to manage regulatory requirements
• Coordinate and respond to internal and external audits, including remediation planning
• Maintain compliance with frameworks such as HIPAA, HITRUST, GDPR, and related standards
• Develop and maintain reporting for compliance and security posture
• Implement and manage application security testing processes including SAST and DAST
• Establish and oversee vulnerability management programs including penetration testing
• Coordinate remediation efforts and track vulnerabilities through resolution
• Conduct infrastructure security assessments and audits
• Maintain system security and integrity by implementing industry-standard IT controls
• Monitor environments and troubleshoot security issues across systems and applications
• Participate in incident response and support 24/7 on-call rotations as required
• Ensure timely resolution of security incidents and operational challenges
• Implement automation for system administration, security processes, and deployment activities
• Drive continuous improvement of security processes, controls, and operational efficiency
• Support migration and deployment processes for QA and production environments
• Work closely with application, QA, and infrastructure teams to ensure security compliance
• Provide technical guidance and support to internal stakeholders and agency users
• Translate technical risks into business context for leadership decision-making
• Deliver training and awareness programs related to security and compliance

Benefits

• Competitive salary