Senior Manager - Application Security

Primary Responsibilities

• Define and execute the enterprise application security strategy, embedding security controls throughout the SDLC and developer workflows.
• Oversee vulnerability scanning across applications, CI/CD pipelines, and developer environments; ensure timely remediation and reporting.
• Implement automated vulnerability detection and integrate findings into development workflows.
• Collaborate with development teams to embed security controls into application development and IDEs.
• Drive secure coding practices and provide guidance on OWASP, MITRE ATT&CK, and industry standards.
• Conduct threat modeling and attack surface analysis for new and existing applications.
• Manage hardening efforts and address misconfigurations across AWS cloud and on-prem platforms.
• Develop and maintain security automation scripts using Python and other relevant tools.
• Partner with stakeholders to ensure compliance with internal and external security requirements.

Key Qualifications

• Proven experience leading application security and vulnerability management programs in large-scale enterprise environments.
• Strong knowledge of AWS cloud security and on-prem infrastructure security principles.
• Expertise in CI/CD security, developer security tooling, and secure software development practices.
• Hands-on experience with vulnerability scanning tools, prioritization frameworks, and remediation workflows.
• Proficiency in Python for automation and security-related scripting.
• Familiarity with OWASP Top 10, MITRE ATT&CK framework, and secure coding standards.
• Ability to analyze and remediate misconfigurations, reduce attack surface, and enforce hardening measures.
• Excellent communication and stakeholder management skills.

This position requires three days per week onsite in Charlotte, NC. Visa sponsorship is not available for this role.