Application Security Manager
30000 - 36667 złMichael Page
Recruitment for, The employer is a well-established, large organisation within the business services industry with a strong focus on innovation and cutting-edge technology. .
Expected, SAST, DAST, SCA, IaC, API security, container security, GitHub, GitLab Your responsibilities, Own the vision, strategy, and roadmap for the Application Security program enterprise-wide., Build, mentor, and lead a team of AppSec engineers and specialists., Define program objectives, performance metrics, and KPIs to measure and report success., Advocate for application security at all levels of the organization, from developers to executives., Collaborate with software engineering teams to integrate security controls, best practices, and policies throughout the SDLC., Promote a "security by design" culture by coaching and mentoring developers on secure coding practices., Support threat modeling, secure code reviews, and security architecture discussions., Implement, configure, and maintain application security tooling (SAST, DAST, SCA, IaC scanning, API security, container security)., Integrate security checks into CI/CD pipelines using GitHub and other platforms., Evaluate emerging technologies and recommend tools that enhance automation and scalability., Partner with SOC analysts to investigate application-layer alerts, incidents, and vulnerabilities., Track and report key security metrics, including vulnerability remediation timelines, pipeline coverage, and compliance with policies., Provide executive reporting and actionable insights on AppSec maturity and risk reduction progress. Proven ability to design, lead, and scale an enterprise application security program., Strong understanding of secure software development, OWASP Top 10, threat modeling, and vulnerability management., Experience partnering with development organizations to secure agile/DevOps pipelines., Hands-on familiarity with security tooling (SAST, DAST, SCA, IaC, container security) and integrating with source code management (GitHub/GitLab, etc., Excellent communication, leadership, and stakeholder management skills., Ability to lead through influence and establish a strong security culture across multiple technology teams., 10+ years of professional experience in information security with a focus on application security, 4+ years in a leadership role desired., Previous experience as a developer or working closely with software development teams is strongly preferred., Certifications such as CSSLP, GWAPT, GWEB, CSSLP, OSWE, or other relevant industry credentials are a plus., Proven experience leading security initiatives at scale in enterprise environments, ideally within financial services or other highly regulated industries. What employer offers, Opportunity to work in a large organisation within the business services industry., Permanent role based in Gdańsk with a focus on innovation and security., A supportive and collaborative company culture.Oferta pracy dodana 22 dni temu
Powiązane wyszukiwania