Sr. Manager, Application Security

About The Position

Requirements

• 10+ years of progressive application security experience (prior software development experience preferred)
• Prior people leadership experience (3+ years) with the ability to lead, manage, and develop a technical Application Security Engineering team
• Great interpersonal skills, ability to foster constructive dialogue
• Deep technical knowledge with a track record of successful execution in application security (secure SDLC, penetration testing, and security tooling (SAST, DAST, IAST, RASP, SCA)
• Strong knowledge of CI/CD pipelines, cloud-native security (GCP), and container security
• Bachelor's degree in Computer Science or a related field, or its equivalent in work experience
• Strong working knowledge of at least two programming or scripting languages

Responsibilities

• Program Leadership: Define and execute a multi-year Application Security roadmap aligned with business goals and industry best practices
• Security Engineering & Automation: Integrate threat modeling, security tools & testing (SAST, SCA, DAST, IAST, RASP, etc.), and secure by design processes into the SDLC (CI/CD pipeline)
• Architecture Reviews: Perform security architecture reviews for major product changes
• Vulnerability Management: Oversee the end-to-end AppSec vulnerability lifecycle (identification, prioritization, and remediation based on business risk, exploitability, and threat intelligence)
• Incident Response: Direct and manage incident response for application security alerts/incidents
• Offensive Security & Testing: Lead the strategy for third party penetration tests
• Reporting & Metrics: Deliver executive-level dashboards and reports on application security posture and risk trends
• Team Leadership: Manage and mentor a high-performing team of AppSec engineers, fostering a vision for excellence
• Continuous Improvement: Drive continuous improvement activities, and deepen leadership awareness of product and application security risks
• Strategic Partnership & Collaboration: Collaborate with Engineering and Product leads to embed security into the SDLC and scale the Security Champions program

Benefits

• A connected experience: We prioritize high-touch collaboration and flexibility. Whether you are working from our San Francisco or Phoenix offices or joining us as a fully remote team member, we provide the digital-first tools and intentional culture to keep you synced and supported
• Invested in your future: A competitive salary and a 401(k) with a 5% company match to help you build long-term financial security
• Holistic well-being: We provide the resources you need to thrive, from flexible time off and paid parental leave to an annual wellness allowance and comprehensive health coverage
• Professional & personal growth: Take advantage of a suite of premium perks, including Udemy access, childcare assistance, pet insurance, and a bevy of additional savings through Beneplace