Senior Manager of Information Security - Application Security

Now is your chance to join an organization that drives change. Were a company thats consistently on top employer lists.

Why join us:

• There is a reason we boast numerous awards like Great Place to Work Certified and Best Place to Work For Moms Dads LGBTQ and VETS (just to name a few). At Deluxe we know that great people make a great organization.

• We value our people so offer the typical benefits (401K PTO Medical Dental) PLUS: Flexible time off volunteer time off paid maternity/paternity leave tuition reimbursement pet bereavement and more!

• A culture that keeps people. 42% of our team has been here over 10 years. When we asked our team why we heard the people benefits family/home time diversity and team culture.

• Hybrid schedule allowing you flexibility to work from home/remote several days per week

The Senior Manager Information Security in Application Security leads a high-performing team to design implement and manage enterprise-wide security strategies and solutions. This role will drive the development and implementation of scalable security solutions ensuring alignment with business objectives and regulatory requirements while driving innovation and continuous improvement. The position requires strong leadership technical expertise and cross-functional collaboration to protect the organizations digital assets and support business objectives.

• Develop communicate and execute security strategies aligned to business objectives. Serve as a key security liaison embedding secure design principles access control frameworks and risk mitigation practices into cross-functional initiatives projects and enterprise transformations.

• Lead and manage a high-performing security team overseeing hiring training performance management career development and budgeting while developing and tracking KPIs/KRIs to measure security posture and report progress to senior leadership.

• Develop and maintain security reference architectures standards and roadmaps for applications cloud and enterprise systems. Guide secure development practices threat modeling and integration of security tools (e.g. SAST DAST SIEM) into DevSecOps pipelines and cloud environments. Ensure alignment with enterprise identity strategies and access control frameworks to support secure scalable and compliant solutions.

• Maintain deep knowledge of security principles frameworks (NIST ISO 27000) and regulatory landscapes (PCI SOX GDPR SOC2). Conduct risk assessments across application infrastructure and identity domains; support audits and regulatory compliance efforts.

• Stay current on emerging threats and technologies lead PoCs and drive adoption of modern security practices and tools. Familiarity with modern cloud environments. Strong stakeholder management across technical and non-technical teams. Experience managing cross-functional projects and delivering measurable risk reduction.

Basic Qualifications:

• Bachelors degree in Computer Science Information Security or a related field

• 10 years of progressive InfoSec experience including 3 years in a leadership or management role

• At least one relevant security certification (e.g. CISSP CISM or equivalent)

• Strong knowledge of security frameworks such as NIST and ISO 27000 series

• Proven success designing implementing or overseeing enterprise-scale security solutions

Preferred Qualifications:

• Strong experience in web mobile and API security including OWASP Top Ten WASC OSSTMM

• Expertise in secure coding SDLC DevSecOps pipelines and automation

• Background in application penetration testing vulnerability assessment and ethical hacking

• Experience with security testing tools: SAST DAST IAST RASP SCA

• Hands-on threat modeling and risk assessments within agile SDLC

• Proven collaboration with DevOps to onboard tools and enforce secure coding policies

• Knowledge of secure app deployment in AWS and Azure

• Familiarity with forensics network exploitation and advanced testing tools

• Experience managing client or third-party audits related to application security

Must be 18 years of age or older

Compensation

Benefits

In line with our commitment to employee wellbeing our total rewards benefits package is designed to support the physical financial and emotional health of our employees tailored to meet their unique and evolving needs. Our approach considers our employees whole selves ensuring they can thrive both in and outside of work. Here are some of the benefits we offer which may vary based on role location or hours worked:

• Healthcare (Medical Dental Vision)

• Paid Time Off Volunteer Time Off and Holidays

• Employer-Matched Retirement Plan

• Employee Stock Purchase Plan

• Short-Term and Long-Term Disability

• Infertility Treatment Adoption and Surrogacy Assistance

• Tuition Reimbursement

These benefits are designed to enhance the health protect the financial security and provide peace of mind to our employees and their families.

Deluxe Corporation is an Equal Employment Opportunity employer:
All qualified applicants will receive consideration for employment without regard to race color creed religion disability sex age ethnic or national origin marital status sexual orientation gender identity or presentation pregnancy genetics veteran status or any other status protected by state or federal law.

Please view the electronic EEO is the Law Poster which serves to inform you of your equal employment opportunity protections as part of the application process.