Application Security Manager

Who We Are

At Corebridge Financial we believe action is everything. Thats why every day we partner with financial professionals and institutions to make it possible for more people to take action in their financial lives for today and tomorrow.

We align to a set of Values that are the core pillars that define our culture and help bring our brand purpose to life:

We are stronger as one: We collaborate across the enterprise scale what works and act decisively for our customers and partners
We deliver on commitments: We are accountable empower each other and go above and beyond for our stakeholders
We learn improve and innovate: We get better each day by challenging the status quo and equipping ourselves for the future
We are inclusive: We embrace different perspectives enabling our colleagues to make an impact and bring their whole selves to work

Who Youll Work With

The Information Technology organization is the technological foundation of our business and works in collaboration with our partners from across the company. The team drives technology and digital transformation partners with business leaders to design and execute new strategies through IT and operations services and ensures the necessary IT risk management and security measures are in place and aligned with enterprise architecture standards and principles.

About the role

Application Security Manager to lead and evolve our DevSecOps function. You will oversee a crossfunctional team responsible for embedding security throughout the software development lifecycle (SDLC) integrating AIdriven tools and practices and enabling securebydesign development. This role is both strategic and technical requiring deep expertise in AppSec DevSecOps automation and a forwardthinking approach to AI adoption in security.

Responsibilities

• Lead the application security program with a focus on securing CI/CD pipelines cloudnative apps and microservices.
• Manage a team of DevSecOps engineers and security champions across development squads.
• Develop and implement scalable security tooling static and dynamic code analysis software composition and Software Bill of Material.
• Integrate AI and machine learning tools for threat modeling code analysis and anomaly detection.
• Collaborate with development infrastructure and product teams to ensure secure architecture and coding practices.
• Establish AppSec policies threat modeling frameworks and secure coding guidelines.
• Build metrics and reporting to track the effectiveness of AppSec initiatives and risk posture.
• Evaluate and implement AIbased AppSec tools and integrations within the DevSecOps toolchain.
• Lead incident response and secure code review processes for critical applications.
• Act as the primary point of contact for application security audits and compliance initiatives.

Skills and Qualifications

• 7 years of experience in application security including 2 years managing security teams.
• Strong knowledge of secure coding practices in modern languages (e.g. Python Java JavaScript Go).
• Experience deploying and managing AppSec tools such as SAST DAST SCA IaC scanners Application Security Posture Management (ASPM) and secrets detection tools.
• Handson experience in CI/CD platforms (e.g. GitHub Actions GitLab CI Jenkins Azure DevOps).
• Solid understanding of cloudnative architectures (AWS/GCP/Azure) containers (Docker) and orchestration (Kubernetes).
• Experience with InfrastructureasCode (e.g. Terraform CloudFormation) and securing DevOps pipelines.
• Familiarity with AIdriven AppSec tools for vulnerability management threat detection and LLMassisted secure code review.
• Experience with LLMs (e.g. OpenAI GPT Gemini) for code analysis threat modeling secure coding guidance or vibe coding.
• Understanding of prompt engineering model finetuning or integrating AI APIs into security workflows.
• Bonus: Experience in AI security (e.g. adversarial ML model poisoning AI system threat modeling).
• Bonus: Experience in SAP Security code review vulnerability management and threat monitoring.
• Bachelors degree in a relevant field or proven record of experience in Information Technology and Cyber Security roles.
• Certifications:
  • OSCP Offensive Security Certified Professional (Required or strong preference)
  • GWAPT GIAC Web Application Penetration Tester
  • OSWE Offensive Security Web Expert (Preferred)
  • CISSP Certified Information Systems Security Professional (Preferred)
  • GPEN GIAC Penetration Tester (Preferred)
  • AI/ML Certifications e.g. Microsoft AI102 Google Cloud ML Engineer or similar (Bonus)

Compensation

The anticipated salary range for this position is $130000 to $150000 at the commencement of employment. Not all candidates will be eligible for the upper end of the salary range. The actual compensation offered will ultimately be dependent on multiple factors which may include the candidates geographic location skills experience and other qualifications.

In addition the position is eligible for a discretionary bonus in accordance with the terms of the applicable incentive plan.

Corebridge also offers a range of competitive benefits as part of the total compensation package as detailed below.

Work Location

This position is based in Corebridge Financials Jersey City NC Houston TX or Durham NC office and is subject to our hybrid working policy which gives colleagues the benefits of working both in an office and remotely.

#LISAFG #LICW1 #LIHybrid

Why Corebridge

At Corebridge Financial we prioritize the health wellbeing and worklife balance of our employees. Our comprehensive benefits and wellness program is designed to support employees both personally and professionally ensuring that they have the resources and flexibility needed to thrive.

Benefit Offerings Include:

• Health and Wellness: We offer a range of medical dental and vision insurance plans as well as mental health support and wellness initiatives to promote overall wellbeing.
• Retirement Savings: We offer retirement benefits options which vary by location. In the U.S. our competitive 401(k) Plan offers a generous dollarfordollar Company matching contribution of up to 6% of eligible pay and a Company contribution equal to 3% of eligible pay (subject to annual IRS limits and Plan terms). These Company contributions vest immediately.
• Employee Assistance Program: Confidential counseling services and resources are available to all employees.
• Matching charitable donations: Corebridge matches donations to taxexempt organizations 1:1 up to $5000.
• Volunteer Time Off: Employees may use up to 16 volunteer hours annually to support activities that enhance and serve communities where employees live and work.
• Paid Time Off: Eligible employees start off with at least 24 Paid Time Off (PTO) days so they can take time off for themselves and their families when they need it.

Eligibility for and participation in employersponsored benefit plans and Company programs will be subject to applicable law governing Plan document(s) and Company policy.

We are an Equal Opportunity Employer

Corebridge Financial is committed to being an equal opportunity employer and we comply with all applicable federal state and local fair employment laws. All applicants will be considered for employment based on jobrelated qualifications and without regard to race color religion sex gender gender identity or expression sexual orientation national origin disability neurodivergence age veteran status or any other protected characteristic. The Company is also committed to compliance with all fair employment practices regarding citizenship and immigration status. At Corebridge Financial we believe that diversity and inclusion are critical to building a creative workplace that leads to innovation growth and profitability. Through a wide variety of programs and initiatives we invest in each employee seeking to ensure that our colleagues are respected as individuals and valued for their unique perspectives.

Corebridge Financial is committed to working with and providing reasonable accommodations to job applicants and employees including any accommodations needed on the basis of physical or mental disabilities or sincerely held religious beliefs. If you believe you need a reasonable accommodation in order to search for a job opening or to complete any part of the application or hiring process please send an email to . Reasonable accommodations will be determined on a casebycase basis in accordance with applicable federal state and local law.

We will consider for employment qualified applicants with criminal histories consistent with applicable law.

To learn more please visit:

Functional Area: