Sr. Manager, Application Security

Your role in our mission

How you’ll make an impact

• Program Leadership: Define and execute a multi-year Application Security roadmap aligned with business goals and industry best practices
• AI Security Leadership: Help define the secure architecture and guardrail framework for AI adoption across the company
• Security Engineering & Automation: Integrate threat modeling, security tools & testing (SAST, SCA, DAST, IAST, RASP, etc.), and secure by design processes into the SDLC (CI/CD pipeline)
• Architecture Reviews & Technical Execution: Perform security architecture reviews for major product changes; conduct in-house secure code reviews and threat modeling for high-impact features and critical products.
• Vulnerability Management: Oversee the end-to-end AppSec vulnerability lifecycle (identification, prioritization, and remediation based on business risk, exploitability, and threat intelligence)
• Incident Response: Direct and manage incident response for application security alerts/incidents
• Offensive Security & Testing: Lead the strategy for third party penetration tests
• Reporting & Metrics: Deliver executive-level dashboards and reports on application security posture and risk trends 
• Continuous Improvement: Drive continuous improvement activities, and deepen leadership awareness of product and application security risks
• Strategic Partnership & Collaboration: Collaborate with Engineering and Product leads to embed security into the SDLC and scale the Security Champions program
• Team Leadership: Direct a small team of AppSec engineers while remaining deeply hands-on in technical execution

Skills that will help you thrive

10+ years of progressive application security experience (prior software development experience preferred)
Prior people leadership experience (3+ years) with the ability to lead, manage, and develop a technical Application Security Engineering team
Great interpersonal skills, ability to foster constructive dialogue
Deep technical knowledge with a track record of successful execution in application security (secure SDLC, penetration testing, and security tooling (SAST, DAST, IAST, RASP, SCA)
Strong knowledge of CI/CD pipelines, cloud-native security (GCP), and container security
Bachelor's degree in Computer Science or a related field, or its equivalent in work experience
Strong working knowledge of at least two programming or scripting languages

Resources to help you prosper

A connected experience: We prioritize high-touch collaboration and flexibility. Whether you are working from our San Francisco or Phoenix offices or joining us as a fully remote team member, we provide the digital-first tools and intentional culture to keep you synced and supported
Invested in your future: A competitive salary and a 401(k) with a 5% company match to help you build long-term financial security
Holistic well-being: We provide the resources you need to thrive, from flexible time off and paid parental leave to an annual wellness allowance and comprehensive health coverage
Professional & personal growth: Take advantage of a suite of premium perks, including Udemy access, childcare assistance, pet insurance, and a bevy of additional savings through Beneplace

Interview Process

• Recruiter Call: A brief screening to discuss your experience and initial questions
• Department Interview: Deeper dive into technical skills and project alignment with the Hiring Manager or team member
• Technical Interview: Deeper dive into coding skills
• Team Interview: Meet team members for collaborative discussions, problem-solving, or technical exercises