Provide Program Leadership & Operational Execution, Technical & Security Leadership
Lead day-to-day operational execution of Application Security programs
Partner with leadership on strategy development and execution
Coordinate and implement assigned projects and initiatives
Establish and track performance goals and operational metrics for self and team
Monitor team deliverables to ensure timeliness, quality, and alignment with expectations
Strengthen integration of AppSec controls across enterprise tools and CI/CD pipelines
Improve workflow alignment between Security Architecture and Application Security functions
Design and implement repeatable, scalable, and automated AppSec processes
Drive prioritization frameworks aligned with enterprise risk and business objectives
Enhance transparency and reporting of AppSec processes, execution status, and outcomes
Provide hands-on technical leadership in tooling integration, automation, and process execution
Lead implementation of shift-left security strategies while maintaining strong developer experience
Recommend mitigation strategies for identified application security risks
Serve as an AppSec representative in cross-functional governance and technical forums
Partner with AppSec governance teams to support control development, validation, and testing
Collaborate with control management and cybersecurity leadership to design new security controls
Support internal and external audits, regulatory reviews, and third-party assessments
Implement ongoing product enhancements and fine-tuning of rules to increase precision in identifying and prioritizing application security defects

Requirements

7+ years of Information Security Engineering experience
3+ years of management or leadership experience
3+ years managing teams of 10–12 application security engineers
Deep expertise across core Application Security domains SAST, DAST, SCA, Secrets management and detection
Strong experience integrating SAST, DAST, and SCA tools into SDLC workflows and source code repositories
Proven experience evaluating and managing multiple AppSec tooling vendors
Advanced knowledge of GitHub, Jira, ServiceNow, Jenkins, Harness, and CI/CD ecosystems
Strong understanding of OWASP standards and MITRE CVE/CWE frameworks
Extensive experience implementing and maturing Secure Software Development Lifecycle (SSDLC) practices
Familiarity with AI/LLM-enabled development tooling (e.g., Cursor, GitHub Copilot, custom LLM integrations)
Demonstrated ability to lead cross-functional initiatives
Strong leadership skills with the ability to foster a collaborative, high-performance team culture
Excellent written, verbal, and executive-level presentation skills
Proven leadership in highly regulated environments with strong project and program management capabilities

Benefits

Health benefits
401(k) Plan
Paid time off
Disability benefits
Life insurance, critical illness insurance, and accident insurance
Parental leave
Critical caregiving leave
Discounts and savings
Commuter benefits
Tuition reimbursement
Scholarships for dependent children
Adoption reimbursement

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Information Security EngineeringApplication SecuritySASTDASTSCASecrets managementSecure Software Development LifecycleAI/LLM-enabled development toolingtooling integrationautomation

Soft Skills

leadershipcollaborationproject managementcommunicationteam culture developmentstrategic thinkingperformance trackingcross-functional initiative leadershipproblem-solvingtransparency enhancement