Manager, Application Security
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Manager, Application Security leading security efforts for Marigold's applications. Collaborating with engineering teams to ensure application security throughout the software development lifecycle.
Responsibilities:
- Lead and develop a small team responsible for identifying, assessing, and remediating application security risks across products and container-based infrastructure.
- Embed secure design and secure coding practices across global development teams throughout the SDLC and CI/CD pipelines.
- Partner closely with engineering, product, and infrastructure teams to prioritize security findings, vulnerabilities, and remediation efforts.
- Oversee application security testing activities including SAST, DAST, IAST, threat modeling, and manual code reviews.
- Monitor emerging threats and vulnerabilities, triage reported issues, assess risk, and communicate mitigation strategies clearly to stakeholders.
- Drive automation and continuous improvement of application security controls, metrics, and security-as-code initiatives.
Requirements:
- Demonstrated experience leading or mentoring application security engineers or acting as a technical lead in a security-focused role.
- Strong background in application security, secure software development practices, and vulnerability management across the SDLC.
- Hands-on experience with application security testing methodologies and tools (SAST, DAST, IAST, threat modeling).
- Deep understanding of web application security risks, including those outlined in the OWASP Top 10.
- Experience collaborating closely with software development teams in modern DevSecOps and cloud-based environments.
- Experience with containerized and cloud-native environments (Docker, Kubernetes, AWS native security services).
- Familiarity with compliance frameworks such as ISO 27001, SOC II, HITRUST, NIST, or CIS Controls.
- Experience with security tooling such as Veracode, Snyk, Checkmarx, BlackDuck, Tenable.io, Cloudflare, Jira, or Confluence.
Benefits:
- Competitive benefits including: medical/dental/vision insurance, life/accident/disabilities insurance, supplemental health benefits, FSA, EAP and pet insurance
- Generous time off (we call it Open Time Away) as well as paid holidays and a birthday benefit day off.
- Paid Volunteer Time
- 401k plan with a company match on your contributions.
- Employee-centric and supportive remote work environment with flexibility.
- Support for life events including paid parental leave.
Similar Jobs
Software Engineer I – Salesforce Integration, Tier 2 Security Clearance
Software Engineer I providing engineering support for Salesforce integration to federal contact center program. Must have Tier 2 Security Clearance and up to 3 years of experience.
Senior Developer III – Salesforce Integration, Tier 2 Security Clearance
Senior Developer responsible for Salesforce CRM integration solutions. Providing technical guidance and leading integration architecture decisions for federal contact center projects.
Developer I – Salesforce Integration, Tier 2 Security Clearance
Developer I supporting the development and testing of Salesforce CRM integrations. Working remotely at M&S Consulting with an emphasis on technical qualifications and active clearance.
Security Consultant
Security Consultant driving production efficiency within design team at Ares Technology. Supporting design department in delivering high-quality, mission-critical projects.
Senior Functional Consultant – HCM, HCM Security, Recruiting
Senior Functional Consultant assisting customers in overcoming HR technology challenges and maximizing Workday's value. Engaging in various consulting services while collaborating with clients.
Senior Security Engineer
Senior Security Engineer focusing on security operations in software development pipelines for a sustainable infrastructure company. Collaborating with IT and DevOps teams in a remote setting.
Cybersecurity Project Manager – Contract
Cybersecurity Project Manager in Technology Program Management Office overseeing cybersecurity project delivery. Requires extensive experience in cybersecurity, risk, compliance, controls, and audits.
Data Protection & AI Security, Staff Engineer
Staff Engineer leading strategic data protection and AI security initiatives at The Hershey Company. Collaborating with cross-functional teams to protect sensitive data and manage emerging risks.
Senior Cybersecurity Engineer
Cybersecurity Engineer responsible for protecting technology environments and delivering threat detection capabilities. Collaborating with IT, OT, and operations to strengthen operational security and compliance.
Senior Cybersecurity Engineer, Threat Detection and Response
Cybersecurity Engineer managing threat detection and response within Starbucks Security Operations Center. Leveraging expertise in cybersecurity and advanced log analysis to mitigate threats and support IT security.
Head of Security
Head of Security operating the information security program at Anomaly. Focused on enabling rapid product development while maintaining security and compliance.
Information Security GRC Analyst
Information Security GRC Analyst role focusing on developing and maturing governance, risk, and compliance programs. Assisting clients with compliance frameworks and cybersecurity measures in a remote work environment.
Senior Security Engineer
Senior Security Engineer at Red Cup IT, Inc. designing cloud security architectures and automating security processes to defend against modern threats. Leading projects and mentoring junior staff.
Senior Security Engineer
Senior Security Engineer at Sandisk owning and improving security tooling for SOC operations. Focus on reliability, detection, and automation in a leading tech company.
Senior System Security Engineer
Senior System Security Engineer safeguarding critical systems and infrastructure for cybersecurity firm. Developing security strategies and collaborating with teams to maintain system integrity and compliance.
Staff Security Engineer
Staff Security Engineer at CVS Health designing security measures for digital infrastructure. Collaborating with teams and providing technical guidance to safeguard sensitive data and ensure compliance.
CMMC Cybersecurity Compliance Consultant
Cybersecurity Compliance Consultant leading CMMC policy development for DoD contractors. Managing compliance sprints and client documentation for audit readiness in a fully remote setup.
Senior Analyst – Supply Chain Master Data Compliance, Governance
Senior Analyst supporting Master Data Compliance and Governance at CVS Health. Driving data quality, accuracy, and regulatory compliance in the drug supply chain.
Principal Technical Specialist – Vehicle & Connected Cyber Security
Principal Technical Specialist overseeing cybersecurity for vehicle systems at Ford. Leading technical authority and collaborating across various teams to enhance security measures.
Sales & Account Manager – IT Security, SaaS
Sales/Account Manager responsible for developing DACH market for SaaS solution in physical security. Engaging with clients to promote long-term identity management solutions in a growing market.