Senior Manager, Security Engineering, Application Security

About The Position

Requirements

• Deep expertise in application security, including secure architecture, common vulnerability classes (OWASP Top 10), and modern attack techniques
• Experience building and scaling secure SDLC programs across large engineering organizations
• Strong understanding of web, mobile, and backend application architectures
• Familiarity with security testing methodologies including SAST, DAST, IAST, SCA, fuzzing, and manual code review
• Experience driving threat modeling and secure design practices at scale
• Working knowledge of cloud-native architectures (Kubernetes, GCP, AWS) and modern CI/CD environments
• Strong development background (e.g., Python, Go, Java, or similar) with the ability to review code and guide secure engineering practices
• Experience partnering with product engineering teams in fast-paced, consumer-scale environments
• Strong executive communication skills and the ability to influence without authority
• Demonstrated ability to operate strategically while staying connected to technical details
• Bachelors in technical field such as computer science, mathematics, statistics or equivalent years of experience
• 9+ years of post-Bachelor’s security experience; or a Master’s degree in a technical field + 8+ year of post-grad security experience; or a PhD in a related technical field + 5+ years of security experience
• 2+ years of experience managing high-performing managers or providing technical and strategic leadership for engineering teams focused on advertising applications.
• Proven experience in managing, mentoring, and scaling diverse engineering teams to consistently deliver complex, high-impact projects.

Nice To Haves

• Experience leading application security in a large consumer technology company
• Demonstrated success embedding security into high-velocity product organizations
• Experience defining and tracking risk-based security metrics
• Familiarity with privacy-by-design and secure data handling principles
• Experience operating in zero-trust or BeyondCorp-inspired environments
• Strong written and verbal communication skills with high attention to detail
• Experience collaborating across engineering, legal, privacy, and executive stakeholders

Responsibilities

• Define and drive a multi-year application security strategy aligned to Snap’s product roadmap and company priorities
• Identify systemic product security risks and assume direct ownership of high-impact initiatives that reduce risk at scale across Snap’s application ecosystem
• Establish scalable practices for secure design reviews, threat modeling, code review, and security testing (SAST, DAST, SCA, fuzzing, etc.)
• Lead application security architecture reviews for high-risk or high-impact product initiatives
• Drive automation-first approaches that increase security coverage while minimizing friction for engineering teams
• Partner closely with Product, Infrastructure, Privacy, and Detection & Response teams to ensure end-to-end security coverage
• Define and track meaningful security metrics and KPIs that measure risk reduction and program effectiveness
• Influence senior engineering leadership and executives on security strategy, risk tradeoffs, and investment decisions
• Participate in and support security incident response efforts related to application-layer vulnerabilities
• Align team direction with organizational goals and contribute to quarterly and annual planning
• Recruit and develop high-caliber security engineers and managers; build an inclusive, high-performing team culture
• Coach and grow managers and senior ICs, strengthening technical depth and leadership bench strength across the org

Benefits

• paid parental leave
• comprehensive medical coverage
• emotional and mental health support programs
• compensation packages that let you share in Snap’s long-term success!