Sr. Manager - Application Security
To see similar active jobs please follow this link: Remote System Administration jobs
**Candidate Note: This position is 100% remote for candidates based in the US**
As the Senior Manager of Application Security at EDB, you will play a pivotal role in safeguarding our applications and data, ensuring they meet the highest security standards. Your work will directly support our business objectives by protecting the trust customers place in EDB and ensuring the resilience of our products in an ever-evolving threat landscape.
What your impact will be:
Develop, implement, and support EDB’s application security services to be consumed by product teams across our all products and within our global infrastructure
Establish a threat modeling program based on industry-standards and frameworks (e.g., STRIDE, DREAD, PASTA).
Conduct threat modeling exercises throughout the application development lifecycle. Work with development teams to identify and analyze potential attack vectors, vulnerabilities and their potential impact to EDB products..
Develop guidance for the refinement of automated code review tooling such as DAST, SAST, SCA as well as manual testing techniques
Support Vulnerability Disclosure Program, triage, assess and analyze vulnerability reports submitted through the VDP, prioritizing them based on severity, risk, and exploitability.
Coordinate vulnerability remediation work with internal development teams to reproduce, validate, and prioritize vulnerabilities. Facilitate timely patch development and deployment, ensuring efficient resolution.
Work to integrate security practices into all phases of the SDLC, from requirements gathering to deployment and maintenance.
Develop guidance for managing open-source supply chain components, assess risks, and ensure compliance with enterprise policies.
Develop and track key performance indicators to measure the effectiveness of the application security program.
Build strong relationships with stakeholders across the organization and communicate security risks and recommendations effectively.
Partner with Information Security Program Management on the roadmap and execution of security activities across EDB’s business units
What you will bring:
Proven leadership in managing and mentoring a team of security professionals, with experience in cross-functional collaboration and driving security initiatives across multiple teams.
Bachelor's degree in Computer Science, Information Security, or a related field
7+ years of experience in application security, with at least 3 years in a leadership role
Strong understanding of security frameworks and standards (e.g., NIST 800-218, BSIMM, OWASP SAMM)
Experience with security tools and technologies (e.g., SAST, DAST, SCA, threat modeling)
Excellent communication and interpersonal skills
Strong analytical and problem-solving skills
What will give you an edge:
Advanced security certifications (e.g., CISSP, CISM, CISA)
Experience in cloud security and infrastructure as code
Knowledge of DevOps and Agile methodologies
Experience with open-source software security
Experience with incident response and digital forensics
Comp Range (DOE/Location): $180-210k + 10% annual bonus
About the job
Sr. Manager - Application Security
To see similar active jobs please follow this link: Remote System Administration jobs
**Candidate Note: This position is 100% remote for candidates based in the US**
As the Senior Manager of Application Security at EDB, you will play a pivotal role in safeguarding our applications and data, ensuring they meet the highest security standards. Your work will directly support our business objectives by protecting the trust customers place in EDB and ensuring the resilience of our products in an ever-evolving threat landscape.
What your impact will be:
Develop, implement, and support EDB’s application security services to be consumed by product teams across our all products and within our global infrastructure
Establish a threat modeling program based on industry-standards and frameworks (e.g., STRIDE, DREAD, PASTA).
Conduct threat modeling exercises throughout the application development lifecycle. Work with development teams to identify and analyze potential attack vectors, vulnerabilities and their potential impact to EDB products..
Develop guidance for the refinement of automated code review tooling such as DAST, SAST, SCA as well as manual testing techniques
Support Vulnerability Disclosure Program, triage, assess and analyze vulnerability reports submitted through the VDP, prioritizing them based on severity, risk, and exploitability.
Coordinate vulnerability remediation work with internal development teams to reproduce, validate, and prioritize vulnerabilities. Facilitate timely patch development and deployment, ensuring efficient resolution.
Work to integrate security practices into all phases of the SDLC, from requirements gathering to deployment and maintenance.
Develop guidance for managing open-source supply chain components, assess risks, and ensure compliance with enterprise policies.
Develop and track key performance indicators to measure the effectiveness of the application security program.
Build strong relationships with stakeholders across the organization and communicate security risks and recommendations effectively.
Partner with Information Security Program Management on the roadmap and execution of security activities across EDB’s business units
What you will bring:
Proven leadership in managing and mentoring a team of security professionals, with experience in cross-functional collaboration and driving security initiatives across multiple teams.
Bachelor's degree in Computer Science, Information Security, or a related field
7+ years of experience in application security, with at least 3 years in a leadership role
Strong understanding of security frameworks and standards (e.g., NIST 800-218, BSIMM, OWASP SAMM)
Experience with security tools and technologies (e.g., SAST, DAST, SCA, threat modeling)
Excellent communication and interpersonal skills
Strong analytical and problem-solving skills
What will give you an edge:
Advanced security certifications (e.g., CISSP, CISM, CISA)
Experience in cloud security and infrastructure as code
Knowledge of DevOps and Agile methodologies
Experience with open-source software security
Experience with incident response and digital forensics
Comp Range (DOE/Location): $180-210k + 10% annual bonus