Lead and evolve the company’s application security strategy, roadmap, and day-to-day operations.
Serve as the primary AppSec partner for numerous dev teams working on Ruby on Rails web apps, React Native mobile apps, and various other projects including Python and Go.
Provide security guidance during design, development, and code review for new features and projects.
Drive adoption of secure coding practices and threat-modeling across engineering teams.
Manage and optimize existing AppSec tooling.
Improve automation and integration of security tools into CI/CD pipelines.
Build and maintain secure development standards, playbooks, and training materials.
Work with DevOps to ensure secure AWS infrastructure deployments and configurations.
Lead or support investigation and remediation of application-level vulnerabilities.
Monitor, prioritize, and track findings from SAST/DAST/ASM tools.

Requirements

3–7+ years of experience in Application Security, Product Security, or related engineering roles.
Strong understanding of secure coding practices, common vulnerabilities (OWASP Top 10), and modern SDLC.
Experience working with cloud-native applications, ideally in AWS.
Understanding of SSL certificates & cryptographic key management
Hands-on experience with SAST, DAST, WAFs, and/or mobile application security tools.
Ability to partner effectively with developers and influence secure design decisions.
Familiarity with GitHub-based workflows and CI/CD pipelines.

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Ruby on RailsReact NativePythonGosecure coding practicesSASTDASTWAFAWSSSL certificates

Soft Skills

leadershipcommunicationcollaborationinfluenceguidance