Application Security Manager

About Acrisure

A global fintech leader Acrisure empowers millions of ambitious businesses and individuals with the right solutions to grow boldly forward. Bringing cutting-edge technology and top-tier human support together we connect clients with customized solutions across a range of insurance reinsurance payroll benefits cybersecurity mortgage services and more.

In the last eleven years Acrisure has grown in revenue from $38 million to almost $5 billion and employs over 19000 colleagues in more than 20 countries. Our culture is defined by our entrepreneurial spirit and all that comes with it: innovation client centricity and an indomitable will to win.

Job Summary:

As theManager of Application Security Operations you will lead and expand the organizations Application Security (AppSec) program within a large highly regulated financial services environment. This is an opportunity tobuild and shape the program from the ground upwhileleading a team of AppSec specialists and influencing enterprise-wide security practices.Youll drive strategy partner with multiple development teams integrate security into the SDLC and work alongside Security Operations leadership to strengthen incident response. This role offers high visibility significant leadership impact and the chance toestablish a mature scalable AppSec program that protects mission-critical financial systems.

Responsibilities:

• Application Security Program Leadership

• Own the vision strategy and roadmap for the Application Security program enterprise-wide.

• Build mentor and lead a team of AppSec engineers and specialists.

• Define program objectives performance metrics and KPIs to measure and report success.

• Advocate for application security at all levels of the organization from developers to executives.

• Partnership with Development Teams

• Collaborate with software engineering teams to integrate security controls best practices and policies throughout the SDLC.

• Promote a security by design culture by coaching and mentoring developers on secure coding practices.

• Support threat modeling secure code reviews and security architecture discussions.

• Security Tooling and Integration

• Implement configure and maintain application security tooling (SAST DAST SCA IaC scanning API security container security).

• Integrate security checks into CI/CD pipelines using GitHub and other platforms.

• Evaluate emerging technologies and recommend tools that enhance automation and scalability.

• Monitoring Incident Response and Metrics

• Partner with SOC analysts to investigate application-layer alerts incidents and vulnerabilities.

• Track and report key security metrics including vulnerability remediation timelines pipeline coverage and compliance with policies.

• Provide executive reporting and actionable insights on AppSec maturity and risk reduction progress.

Requirements

• Proven ability to design lead and scale an enterprise application security program.

• Strong understanding of secure software development OWASP Top 10 threat modeling and vulnerability management.

• Experience partnering with development organizations to secure agile/DevOps pipelines.

• Hands-on familiarity with security tooling (SAST DAST SCA IaC container security) and integrating with source code management (GitHub/GitLab etc.).

• Excellent communication leadership and stakeholder management skills.

• Ability to lead through influence and establish a strong security culture across multiple technology teams.

Education and Experience:

• 5 years of professional experience in information security with a focus on application security 2 years in a leadership role desired.

• Previous experience as a developer or working closely with software development teams is strongly preferred.

• Certifications such as CSSLP GWAPT GWEB CSSLP OSWE or other relevant industry credentials are a plus.

• Proven experience leading security initiatives at scale in enterprise environments ideally within financial services or other highly regulated industries.

Candidates should be comfortable with an on-site presence to support collaboration team leadership and cross-functional partnership.

Benefits and Perks:

• Competitive compensation
• Generous vacation policy paid holidays and paid sick time
• Medical Insurance Dental Insurance and Vision Insurance (employee-paid)
• Company-paid Short-Term and Long-Term Disability Insurance
• Company-paid Group Life insurance
• Company-paid Employee Assistance Program (EAP) and Calm App subscription
• Employee-paid Pet Insurance and optional supplemental insurance coverage
• Vested 401(k) with company match and financial wellness programs
• Flexible Spending Account (FSA) Health Savings Account (HSA) and commuter benefits options
• Paid maternity leave paid paternity leave and fertility benefits
• Career growth and learning opportunities
• and so much more!

Please note: This list is not reflective of all benefits. Enrollment waiting periods or eligibility criteria may apply to certain benefits. Offerings may vary based on subsidiary entity or geographic location.

Making a lasting impact on the communities it serves Acrisure has pledged more than $22 million through its partnerships with Corewell Health Helen DeVos Childrens Hospital in Grand Rapids Michigan UPMC Childrens Hospital in Pittsburgh Pennsylvania and Blythedale Childrens Hospital in Valhalla New York.

At Acrisure we firmly believe that an inclusive workforce drives innovation creativity and ultimately our collective success.

We recruit hire employ train promote and compensate individuals based on job-related qualifications and abilities. Acrisure also has a longstanding policy of providing a work environment that respects the dignity and worth of each individual and is free from all forms of employment discrimination.

Acrisure also provides reasonable accommodation to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about an accommodation or need assistance with completing the application process please email

California residents can learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy available at your new opportunity awaits you.