SDLC Cybersecurity Manager

About The Position

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, software development or related field is required.
• Strong organizational skills required.
• Excellent communication skills, written and verbal.
• 10 Years+ Experience in information security, SDLC security or similar roles.
• 5 Years+ in a leadership role.
• Deep understanding of SDLC, DevOps, and secure coding practices including cloud tools and multiple coding languages.
• Hands-on experience with security tools such as; Veracode, Fortify, Checkmarx, SonarQube, GitHub Advanced Security, jFrog.
• Familiarity with cloud-native development and container security (AWS, Azure, GCP).
• Experience working in a very large IT department.
• Experience managing multiple stakeholders.

Nice To Haves

• Relevant certifications (e.g., CSSLP, CISSP, OSWE, GWAPT) are a plus.

Responsibilities

• Collaborate with the CISO and the IT leadership team to align technology initiatives with the overall business objectives.
• Identify emerging technologies and work with others on the IT leadership team to assess their impact to the organization.
• Make decisions and recommendations clearly linked to the organization's strategy and financial goals, reflecting an awareness of external dynamics.
• Define strategic imperatives in terms of the links between increased value, enterprise needs and technological solutions.
• Measure the team's performance against the best-in-class peer group and set a vision and plan to exceed those benchmarks.
• Oversee the selection, deployment, and management of application security tools.
• Drive automation of security testing and reporting within development workflows.
• Design process flows for daily activities to increase outcomes by eliminating nonvalue added tasks.
• Create, establish, and maintain policies related to the software development lifecycle and secure coding practices.
• Design, implement, and manage a comprehensive Secure SDLC framework.
• Define security requirements and controls for each phase of the development lifecycle.
• Establish and maintain secure coding standards and guidelines.
• Maintain the IT SharePoint site with accurate policies and updated information relevant to the SDLC function.
• Ensure alignment with internal policies, industry standards (e.g., OWASP, NIST), and regulatory requirements (e.g., SOX, HIPAA, GDPR).
• Build, lead, and mentor a high-performing team of security professionals.
• Foster a culture of security awareness and continuous improvement across development teams.
• Provide training and guidance on secure coding practices and tools to the business and IT groups.
• Develop procedures and track compliance of important IT reporting and operational activities such as internal and external audit responses, mandatory training compliance.
• Work with the IT leadership team to develop reports that track important dates and initiatives.
• Develop, track, and report on key performance metrics related to application security posture and SDLC maturity.

Benefits

• Health and Wellness
• Mental Health
• Retirement Savings
• Life and Disability
• Paid Maternity and Parental Leave
• Paid Time Off
• Tuition Reimbursement
• Employee Assistance Program