Senior Application Security Manager

As a Senior Manager of Application Security, you will play a crucial role in leading and strategizing our security initiatives. Your responsibilities will include: - **Strategic Program Leadership**: - Develop and execute a comprehensive application security strategy aligned with business objectives. - Build and mentor a high-performing team of application security engineers and DevSecOps professionals. - Define and enforce application security policies, standards, and procedures. - **Security Integration & Automation**: - Oversee the integration of security tools like SAST, DAST, SCA, and vulnerability scanners into CI/CD pipelines. - Champion automation for security testing to provide continuous feedback to development teams. - Direct the development of scripts and automation frameworks for orchestrating security tool usage. - **Vulnerability Management & Remediation**: - Establish and manage a robust vulnerability management program. - Provide expert guidance for complex security vulnerabilities. - Define and enforce service-level agreements for vulnerability remediation based on severity. - **Tracking, Reporting, and Audits**: - Implement a centralized system to track all open vulnerabilities across the product portfolio. - Generate executive-level reports on the company's application security posture. - Lead internal and external security audits, assessments, and compliance initiatives. - **Product-wide Security & Threat Intelligence**: - Implement processes to evaluate vulnerabilities across all products. - Proactively monitor and assess emerging threats and translate them into actionable plans. - **Collaboration & Education**: - Collaborate with engineering, product management, and operations teams to embed security in the SDLC. - Act as the primary subject matter expert on application security. - Develop and lead security awareness and training programs for engineering teams. **Qualifications Required**: - Bachelor's or Master's degree in Computer Science, Information Security, or related field. - 12+ years in application security, with 4+ years in a senior management role. - Experience in building and managing an application security program. - Proficiency in a range of application security tools. - Proficiency in scripting and automation for security tooling integration. - Strong knowledge of CI/CD pipelines and cloud platforms. - Deep understanding of web application vulnerabilities and secure coding principles. - Exceptional leadership, communication, and interpersonal skills. - Relevant industry certifications such as CISSP, CSSLP, CISM are preferred.,