Sr. Manager, Application Security

JOB SUMMARY

The Senior Manager of Application Security will serve as the operational and programmatic leader for the AppSec organization, partnering closely with the Director of Application Security to scale delivery, strengthen integration with Security Architecture, and ensure consistent execution of AppSec priorities. This role leads cross-team coordination, drives prioritization, improves repeatable and automated processes, ensures alignment with risk and engineering teams, and elevates visibility of AppSec work across the organization.

CANDIDATE PROFILE

Education and Experience

Required:

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science or related field or equivalent experience/certification

• 7+ years of experience in Information Technology/Security including:

• 4+ years information security leadership

• 2+ years as a team lead or manager in a security role response for managing security assessments, risk management, and compliance efforts for production systems.

• 2+ years of experience in software/system release management, with a focus on security validation

• Expertise across AppSec testing modalities (SAST, DAST, IAST etc)

• Expertise with SCA SDLC tooling and repository integration

• Proficiency in GitHub, JIRA, ServiceNow, Jenkins, Harness

• Strong understanding of OWASP and MITRE CVE/CWE

• Ability to drive cross-functional workflow integration and prioritization

Preferred Skills/Experience:

• Master’s degree in Cybersecurity, Computer Science, or a related discipline

• Xx

• Relevant certifications (CISM, CISSP, CSSLP)

• Application Development and Process expertise

• Proven experience across AppSec tooling vendors

• Excellent written and verbal communication / presentation skills

• Proven leadership experience in highly regulated environments, with strong project management skills.

CORE WORK ACTIVITIES

Program Leadership & Integration

• Lead day-to-day operational execution of AppSec programs

• Collaborate on Strategy formulation and execution.

• Strengthen SER/AppSec integration

• Drive prioritization frameworks and alignment with enterprise objectives

• Establish repeatable, automated AppSec processes

• Represent AppSec in cross-functional governance forums

• Increased automation and repeatability. Shifting tooling integration left.

• Clear metrics and reporting covering: operational, security and strategy perspectives

• Implement initiatives for secure opensource consumption and artifact management

Technical Oversight

• Monitor and assess application security risks

• Develop and track security metrics

• Recommend mitigation strategies

• Provide technical leadership regarding tooling integration, process definition and execution

Stakeholder Alignment & Communication

• Ensure AppSec work is well-communicated and visible

• Deliver concise reporting to stakeholders

• Mentor AppSec team members

• Translate complex technical concepts for non-technical audiences

Managing Work, Projects, and Policies

• Coordinates and implements work and projects as assigned.

• Generates and provides accurate and timely results in the form of reports, presentations, etc.

• Analyzes information and evaluates results to choose the best solution and solve problems.

• Develops specific goals and plans to prioritize, organize, and accomplish work.

• Sets and tracks goal progress for self and others.

• Monitors the work of others to ensure it is completed on time and meets expectations.

• Provides direction and assistance to other organizational units’ policies and procedures, and efficient control and utilization of resources.

Success Measures (First 12 Months)

• Improved Security Architecture/AppSec workflow integration

• Increased automation and repeatability.

• Establishment of clear metrics for operational, security and strategic reporting

• Clear work prioritization

• Improved visibility and transparency of AppSec processes, execution and deliverables