Manager Application Security

Mid / Senior

In Office / Hybrid

The Manager, Application Security is responsible for leading, scaling, and maturing enterprise application security capabilities across a complex technology environment. This role owns the application security program end to end, ensuring secure software development practices are embedded into the SDLC while balancing regulatory, risk, and business requirements. As part of the cybersecurity organization, this role partners closely with engineering, platform, cloud, DevOps, and risk teams to drive measurable risk reduction without slowing delivery.

Key Responsibilities

Lead the enterprise application security program across web, API, and mobile platforms
Define and execute the application security vision, strategy, and roadmap aligned to business and risk objectives
Establish and enforce application security standards, secure coding practices, and control requirements
Partner with engineering leadership to embed security into architecture, design, and delivery decisions
Oversee integration of application security testing tools, including SAST, DAST, and SCA, into CI CD pipelines
Lead application security assessments and risk based remediation planning
Provide threat informed guidance to engineering teams on high risk vulnerabilities and design patterns
Collaborate with vulnerability management, cloud security, and infrastructure teams to drive cohesive risk reduction
Establish governance, metrics, and reporting to measure application security maturity and effectiveness
Represent application security in audit, regulatory, and risk management engagements
Translate technical security risks into clear, business relevant insights for senior leaders
Build, mentor, and develop application security engineers and subject matter experts
Continuously improve tooling, automation, and processes to scale AppSec capabilities efficiently

Required Experience and Skills

10 plus years of cybersecurity experience with a strong focus on application security
5 plus years of people or program leadership experience operating an application security program in an enterprise environment
Deep understanding of application security risks, including OWASP Top 10 and API security threats
Hands on experience with modern SDLC, CI CD, and DevSecOps practices
Experience implementing and managing application security testing tools and processes
Ability to assess application architecture, design patterns, and authentication and authorization models
Strong experience partnering with engineering teams to drive secure by design outcomes
Excellent written and verbal communication skills, including executive level reporting
Proven ability to influence engineering, product, risk, and compliance stakeholders

Preferred Experience

Experience in highly regulated industries such as financial services or healthcare
Familiarity with cloud native and microservices based architectures
Experience with API security platforms and runtime visibility tools
Background in penetration testing or threat modeling
Experience defining application security metrics, KPIs, and maturity models Education and Certifications
Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field
Preferred certifications include CISSP, CISM, CISA, GPEN, or equivalent

The salary range for this position is from $133,000 to $190,000 per year

{"group":"Organization","title":"Manager Application Security","skills":"Required Experience and Skills <ul><li>10 plus years of cybersecurity experience with a strong focus on application security </li><li>5 plus years of people or program leadership experience operating an application security program in an enterprise environment </li><li>Deep understanding of application security risks, including OWASP Top 10 and API security threats </li><li>Hands on experience with modern SDLC, CI CD, and DevSecOps practices </li><li>Experience implementing and managing application security testing tools and processes </li><li>Ability to assess application architecture, design patterns, and authentication and authorization models </li><li>Strong experience partnering with engineering teams to drive secure by design outcomes </li><li>Excellent written and verbal communication skills, including executive level reporting </li><li>Proven ability to influence engineering, product, risk, and compliance stakeholders Preferred Experience </li><li>Experience in highly regulated industries such as financial services or healthcare </li><li>Familiarity with cloud native and microservices based architectures </li><li>Experience with API security platforms and runtime visibility tools </li><li>Background in penetration testing or threat modeling </li><li>Experience defining application security metrics, KPIs, and maturity models Education and Certifications </li><li>Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field </li><li>Preferred certifications include CISSP, CISM, CISA, GPEN, or equivalent.</li></ul>","endDate":"2026-05-23T13:41:35.886Z","isDraft":false,"jobType":"Full Time","job_url":"3440-citizens-manager-application-security","agencyId":1,"benefits":"","betaMode":false,"clientId":"35","location":[{"lat":40.5753817,"lon":-74.3223703,"zip":"","city":"Woodbridge Township","text":"Iselin, Woodbridge Township, NJ, USA","state":"New Jersey","country":"United States","is_city":true,"is_state":false,"is_country":false,"state_code":"NJ","countryCode":"US","isLocationSet":true,"nearByHexCodes":["842a107ffffffff","842a105ffffffff","842a12bffffffff","842a13dffffffff","842a139ffffffff","842a103ffffffff","842a101ffffffff"],"loc_h3_hex_res4":"842a107ffffffff","isLocationResolved":true}],"eeocFound":false,"maxSalary":"","minSalary":"","startDate":"2026-04-28T18:30:00.000Z","currencyIn":"USD","hiringSPOC":"User / Info not available","hiringTags":[],"onBehalfOf":"49","companyName":"Meytier","description":"The Manager, Application Security is responsible for leading, scaling, and maturing enterprise application security capabilities across a complex technology environment. This role owns the application security program end to end, ensuring secure software development practices are embedded into the SDLC while balancing regulatory, risk, and business requirements. As part of the cybersecurity organization, this role partners closely with engineering, platform, cloud, DevOps, and risk teams to drive measurable risk reduction without slowing delivery. Key Responsibilities • Lead the enterprise application security program across web, API, and mobile platforms • Define and execute the application security vision, strategy, and roadmap aligned to business and risk objectives • Establish and enforce application security standards, secure coding practices, and control requirements • Partner with engineering leadership to embed security into architecture, design, and delivery decisions • Oversee integration of application security testing tools, including SAST, DAST, and SCA, into CI CD pipelines • Lead application security assessments and risk based remediation planning • Provide threat informed guidance to engineering teams on high risk vulnerabilities and design patterns • Collaborate with vulnerability management, cloud security, and infrastructure teams to drive cohesive risk reduction • Establish governance, metrics, and reporting to measure application security maturity and effectiveness • Represent application security in audit, regulatory, and risk management engagements • Translate technical security risks into clear, business relevant insights for senior leaders • Build, mentor, and develop application security engineers and subject matter experts • Continuously improve tooling, automation, and processes to scale AppSec capabilities efficiently Required Experience and Skills • 10 plus years of cybersecurity experience with a strong focus on application security • 5 plus years of people or program leadership experience operating an application security program in an enterprise environment • Deep understanding of application security risks, including OWASP Top 10 and API security threats • Hands on experience with modern SDLC, CI CD, and DevSecOps practices • Experience implementing and managing application security testing tools and processes • Ability to assess application architecture, design patterns, and authentication and authorization models • Strong experience partnering with engineering teams to drive secure by design outcomes • Excellent written and verbal communication skills, including executive level reporting • Proven ability to influence engineering, product, risk, and compliance stakeholders Preferred Experience • Experience in highly regulated industries such as financial services or healthcare • Familiarity with cloud native and microservices based architectures • Experience with API security platforms and runtime visibility tools • Background in penetration testing or threat modeling • Experience defining application security metrics, KPIs, and maturity models Education and Certifications • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field • Preferred certifications include CISSP, CISM, CISA, GPEN, or equivalent","isHybridJob":true,"isRemoteJob":false,"salaryRange":"$130K- $190K base","titleSkills":[{"keyword":"application security","node_id":"i950","removed":false,"node_ptr":[["meytier_root","information technology","systems engineering","software engineering","software development","application security"]],"priority":-1,"alignedTF":true,"must_have":false,"node_name":"application security","extractedTF":true,"not_a_skill":false,"nice_to_have":false,"nodeAlignedWt":17,"is_industry_term":false,"gender_threshold_yn":"","final_node_fft_weights":{"software development":1},"final_node_skarea_basetype":""}],"dateRecieved":"20211019000000","isJDVerified":true,"otherCohorts":[],"benefitsFound":false,"hiringManager":["User / Info not available"],"maxExperience":15,"minExperience":10,"type_of_slate":"job","hiringFunction":["information technology"],"isOnPremiseJob":true,"onBehalfOfName":"Citizens","otherlocations":[{"lat":41.8205199,"lon":-71.51261699999999,"zip":"02919","city":"Johnston","text":"Johnston, RI, USA","state":"Rhode Island","country":"United States","is_city":true,"is_state":false,"is_country":false,"state_code":"RI","countryCode":"US","isLocationSet":true,"nearByHexCodes":["842a331ffffffff","842a33dffffffff","842a335ffffffff","842a337ffffffff","842a333ffffffff","842a33bffffffff","842a339ffffffff"],"loc_h3_hex_res4":"842a331ffffffff","isLocationResolved":true},{"lat":42.3555076,"lon":-71.0565364,"zip":"","city":"Boston","text":"Boston, MA, USA","state":"Massachusetts","country":"United States","is_city":true,"is_state":false,"is_country":false,"state_code":"MA","countryCode":"US","isLocationSet":true,"nearByHexCodes":["842a307ffffffff","842a305ffffffff","842a32bffffffff","842a33dffffffff","842a339ffffffff","842a303ffffffff","842a301ffffffff"],"loc_h3_hex_res4":"842a307ffffffff","isLocationResolved":true},{"lat":42.21398730000001,"lon":-71.2244987,"zip":"02090","city":"Westwood","text":"Westwood, MA, USA","state":"Massachusetts","country":"United States","is_city":true,"is_state":false,"is_country":false,"state_code":"MA","countryCode":"US","isLocationSet":true,"nearByHexCodes":["842a339ffffffff","842a307ffffffff","842a33dffffffff","842a331ffffffff","842a33bffffffff","842a315ffffffff","842a303ffffffff"],"loc_h3_hex_res4":"842a339ffffffff","isLocationResolved":true}],"blindHiringMode":false,"experienceLevel":"Mid / Senior","hiringFunctions":[],"annotationStatus":1,"otherCohortsName":"","responsibilities":"Key Responsibilities <ul><li>Lead the enterprise application security program across web, API, and mobile platforms </li><li>Define and execute the application security vision, strategy, and roadmap aligned to business and risk objectives </li><li>Establish and enforce application security standards, secure coding practices, and control requirements </li><li>Partner with engineering leadership to embed security into architecture, design, and delivery decisions </li><li> Oversee integration of application security testing tools, including SAST, DAST, and SCA, into CI CD pipelines • Lead application security assessments and risk based remediation planning </li><li>Provide threat informed guidance to engineering teams on high risk vulnerabilities and design patterns </li><li>Collaborate with vulnerability management, cloud security, and infrastructure teams to drive cohesive risk reduction </li><li>Establish governance, metrics, and reporting to measure application security maturity and effectiveness </li><li>Represent application security in audit, regulatory, and risk management engagements </li><li>Translate technical security risks into clear, business relevant insights for senior leaders </li><li>Build, mentor, and develop application security engineers and subject matter experts </li><li>Continuously improve tooling, automation, and processes to scale AppSec capabilities efficiently</li></ul>","extractedSkillIds":["i950"],"maxSeniorityLevel":6,"minSeniorityLevel":3,"otherJobReference":"","sharpenedJobTitle":"Manager Application Security","job_category_group":3,"educationQualification":"Baccalaureate Degree","extractSkillsFromHereToo":true,"companyTeamJobIntroduction":"The Manager, Application Security is responsible for leading, scaling, and maturing enterprise application security capabilities across a complex technology environment. This role owns the application security program end to end, ensuring secure software development practices are embedded into the SDLC while balancing regulatory, risk, and business requirements. As part of the cybersecurity organization, this role partners closely with engineering, platform, cloud, DevOps, and risk teams to drive measurable risk reduction without slowing delivery.","dNIEEOCTextFocusOtherControl":"","expertise_coreskill_or_product":["application security"],"displayJobDescriptionSimpleForm":true,"expertise_functional_area_hiring_team":"","job_id":"3440"}