Team Manager, Application Security

Overview

We are seeking an experienced Team Lead of Application Security Engineering to establish lead and mature our Application Security (AppSec) Program. This senior leadership role will build a comprehensive program encompassing developer awareness secure coding practices training initiatives and security enablement across the software development lifecycle. As the senior security leader for our location office this position serves dual responsibilities: driving application security excellence enterprise-wide while providing local leadership mentorship and support to all security team members in the office.

Key Responsibilities

Application Security Program Development & Leadership

• Design and implementa comprehensive Application Security Program from strategy through execution including policies standards processes metrics and tools
• Establish and maturesecurity practices across all phases of the SDLC including threat modeling secure design reviews code analysis (SAST/DAST/SCA) penetration testing and security acceptance criteria
• Drive security awarenessinitiatives that elevate secure development practices across engineering teams fostering a security-first culture
• Develop and delivertraining programs for developers architects and product teams on secure coding threat modeling and emerging security risks
• Create enablement frameworksthat reduce security friction while improving adherence to security standards and best practices
• Build security champions programsto embed security advocates within development teams

• Define and trackprogram metrics and KPIs to measure security posture improvements vulnerability reduction and program maturity

  Technical Leadership & Innovation

• Architect and implementAppSec tooling strategies integrating security into CI/CD pipelines and developer workflows
• Evaluate and adoptemerging security technologies and methodologies including AI-powered security tools and secure AI development practices
• Partner with engineering leadershipto balance security requirements with development velocity and business objectives
• Stay currentwith application security trends vulnerabilities and attack vectors adapting the program to accommodate the changes from these threats/risks.
• Lead mentor and developa team of 5-10 Application Security Engineers and Architects
• Build team capabilitiesthrough hiring skills development career planning and performance management
• Foster a collaborative culturethat emphasizes continuous learning innovation and operational excellence

• Allocate resources effectivelyacross program initiatives security assessments and incident response activities ensuring the team meets Service Level Agreements (SLAs) and Service Level Objectives (SLOs)

  Office Leadership & Cross-Functional Collaboration

• Serve as the senior security leaderfor the location office providing guidance support and mentorship to all security personnel in the office regardless of functional reporting structure
• Act as the primary point of contactfor office-based employees seeking security leadership career guidance or organizational support
• Build and maintain strong relationshipswith engineering product DevOps and business stakeholders
• Communicate program strategy progress and riskto executive leadership and the CISO
• Collaborate with peer security leadersto ensure consistency and knowledge sharing across the enterprise security program
• 10 yearsof application security experience with progression into leadership roles
• 5 yearsleading application security programs including program design implementation and maturation
• 3 yearsmanaging and developing security teams with demonstrated success in team building and talent development
• Proven track recordestablishing security awareness training and enablement programs that drive measurable improvements in security posture
• Deep expertiseacross the full SDLC including secure design code review security testing and deployment practices

• Hands-on experiencewith AppSec tools and technologies (SAST DAST SCA WAF API security secrets management etc.)

  Technical Skills

• Strong understanding of modern application architectures (cloud-native microservices APIs containerization)
• Proficiency with common programming languages and frameworks
• Knowledge of security frameworks and standards (OWASP NIST BSIMM ISO 27001)

• Experience integrating security into CI/CD and DevSecOps environments

  Leadership & Communication

• Executive presencewith ability to communicate complex security concepts to technical and non-technical audiences
• Strategic thinkingbalanced with tactical execution capabilities
• Influence without authorityskills to drive security culture change across development organizations
• Strong interpersonal skillsfor coaching mentoring and building trust with diverse stakeholders
• Bachelors degree in computer science Information Security or related field (or equivalent experience)
• Desired security certifications (CISSP CSSLP CEH OSCP or similar)
• Experience with AI/ML securityincluding secure development practices for AI systems model security prompt injection prevention and AI-powered security tools
• Knowledge of AI security frameworksand emerging standards (OWASP LLM Top 10 NIST AI Risk Management Framework)
• Experience in highly regulated industries(financial services healthcare government) with compliance requirements
• Masters degree in relevant field
• Experience with security metrics and reportingto board-level audiences

• Previous experience in multi-site or distributed team leadership

  Leadership Expectations

• This role requires a leader who can:
• Inspire and empowerteams to deliver security excellence while maintaining development agility
• Navigate ambiguityin a fast-paced environment with competing priorities
• Build consensusacross diverse stakeholder groups with differing objectives
• Demonstrate servant leadershipby supporting team growth and removing barriers to success
• Model security-first behaviorsthat set the tone for the broader organization

• Provide hands-on guidanceto office-based security staff on professional development escalations and day-to-day challenges
  

  #LI-P1