Manager, Application Security

24d ago
min 2 years
San Mateo, CA, US

SAN MATEO, CALIFORNIA, UNITED STATES

We are looking for an extremely talented Manager/Sr. Manager to join our Application Security Team. You will be managing a dynamic team of Application Security Professionals based in the United States and India who are responsible for maintaining and extending all aspects of Application Security.

Core Responsibilities:

o  Manage and grow our dynamic team of Application Security professionals

o  Continuously improve and expand the application security landscape

o  Maintain, support and extend our application security tooling, standards, and processes, including but not limited to SAST, DAST, WAF, RASP

o  Participate in development and operational design reviews with a focus on application security

o  Evaluate new security technologies and make recommendations to strengthen the overall security posture across the suite of applications

o  Maintain, improve, and be a champion of Secure Software Development Lifecycle (SSDLC) methodologies, processes and standards

o  Plan and incorporate threat modeling practices into our product design life cycle

o  Work closely with the Operations Security team to review and define best practices

o  Support compliance audits through evidence gathering and interviews

o  Work closely with the Product Management team and different stakeholders to define and influence the Application Security roadmap

o  Produce metrics reporting the state of application security programs and performance of development teams against requirements

o  Track vulnerability issues to ensure remediation based on our defined SLA

Requirements:

o  Must have a minimum of 2 years of leadership experience managing at least 3 direct reports

o  Must have a strong background in Application Security

o  Must have a great understanding of OWASP Top 10, CWE/SANS 25

o  Knowledge of identity management tools, SAML, OIDC, and SSO

o  Knowledge of OAuth 2, client-server authentication, server-server authentication

o  Good understanding of one or more of the following programming languages: Ruby, Go, Java, TypeScript/JavaScript, Python, or C/C++

o  Knowledge of SSL/TLS and how it helps secure transmission of data

o  Past experience developing secure web applications or microservices

o  Being able to influence others through collaboration and thought leadership

o  Experience designing, estimating, and leading the implementation of complex systems

o  Proven ability to work independently and take projects from design to delivery

o  Self-motivated, passion for learning, strong communication skills

o  Bachelor's or Master's degree in Computer Science (or equivalent), or equivalent experience

Extra Consideration:

o  Knowledge of compliance requirements: HIPAA, PCI, SOX, FedRAMP, SOC, etc.

o  Knowledge of current cryptography algorithms, such as AES, BCrypt, Argon2

o  Presented security-related topics at conferences or meet-ups

o  Demonstrated knowledge of security/access control, scalability, high availability

o  Open source project contributions

 

Job posted by- Vaibhav Sharan