First AmericanRemote
Senior Manager, Application Security
California, United States of America
Full Time
5 hours ago
$148,600 - $198,200 USD
Visa Sponsor
Key skills
CloudCyber SecurityDistributed SystemsMicroservicesSDLCCI/CDLeadershipStakeholder ManagementCommunication
About this role
Role Overview
- Define, build, and evolve the enterprise Application Security (AppSec) strategy and roadmap aligned to business priorities and risk posture
- Own and scale the AppSec program, including secure SDLC standards, policies, and governance across all applications and platforms
- Partner with engineering and platform teams to integrate security into CI/CD pipelines, tooling, and developer workflows
- Drive threat modeling, security architecture reviews, and vulnerability management to identify and mitigate application-layer risks
- Evaluate, implement, and optimize AppSec tooling (SAST, DAST, SCA, API security, container security) and automate security processes at scale
- Build, mentor, and lead a high-performing team of application security engineers and specialists
- Collaborate with Engineering, Product, Cloud, Infrastructure, and GRC teams to embed security into product design and delivery
- Establish and track key security metrics to measure program effectiveness and communicate risk posture to leadership
- Ensure applications meet security, regulatory, and audit requirements while supporting internal and external assessments
- Promote a developer-centric security culture through education, training, and security best practice adoption
Requirements
- 8+ years of experience in application security, security engineering, or related cybersecurity roles
- 3+ years of experience leading or managing teams in a security or engineering organization
- Strong expertise in secure application development, including secure coding, threat modeling, and SDLC integration
- Deep understanding of modern application architectures (microservices, APIs, cloud-native, distributed systems)
- Experience implementing DevSecOps practices and integrating security into CI/CD pipelines
- Hands-on experience with application security tools (SAST, DAST, SCA, container security, API security)
- Demonstrated ability to assess and prioritize risk, and drive remediation across engineering teams
- Strong cross-functional communication and stakeholder management skills
- Proven ability to influence engineering teams and drive adoption of security practices
- Bachelor's degree in computer science, Information Security, or related field (or equivalent experience)
Tech Stack
- Cloud
- Cyber Security
- Distributed Systems
- Microservices
- SDLC
Benefits
- medical
- dental
- vision
- 401k
- PTO/paid sick leave
- employee stock purchase plan