TrueML

TrueML develops innovative financial technology solutions that enhance customer experience and aim to improve the financial health of consumers by addressing their unique needs and preferences.

Internet Software & Services
51-250
Founded 2013

Description

  • Develop, implement, and maintain a comprehensive application security strategy aligned with business objectives and industry best practices.
  • Lead, mentor, and grow the application security team, fostering security awareness and continuous improvement across the organization.
  • Oversee day-to-day application security operations including monitoring, threat detection, incident response, and vulnerability management.
  • Design, implement, and manage security controls for the cloud-based SaaS platform (AWS), corporate network, and endpoints.
  • Conduct regular application security assessments, penetration tests, and vulnerability scans, and manage remediation of identified issues.
  • Maintain an application security risk management framework to identify, analyze, and treat risks and report risk posture to leadership.
  • Ensure compliance with relevant regulatory requirements and industry standards (e.g., ISO 27001, NIST, PCI DSS, GDPR) and coordinate internal/external audits.
  • Evaluate and recommend application security technologies and tools to enhance the organization’s security posture.
  • Lead security incident response across detection, containment, eradication, and recovery, and conduct post-incident reviews to implement preventative measures.

Requirements

  • Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent practical experience.
  • 5+ years of experience in application security, including at least 2+ years in a management or leadership role, preferably at a SaaS company.
  • Proven experience designing and securing cloud-native environments (microservices, containers, serverless) on AWS.
  • Proven experience developing and managing an enterprise-level information security program.
  • Strong knowledge of vulnerability analysis, network and infrastructure security, identity and access management, logging and monitoring, incident response, application security, and data protection technologies.
  • Familiarity with common exploitation techniques, attack vectors, defensive strategies, SIEM tools, vulnerability scanners, penetration testing, and threat modeling methodologies.
  • Relevant security certifications such as CISSP, CISM, or CISA (preferred).
  • Understanding of generative AI use within security and engineering and associated best practices.
  • Exceptional communication, interpersonal, leadership, organizational, and project management skills.
  • Must be authorized to work in the U.S. without sponsorship (sponsorship not available).

Benefits

  • $150,000 - $190,000 a year salary range.
  • Remote (U.S.) full-time position.
  • Opportunity to work with cross-functional teams including data scientists, financial services experts, and customer experience professionals.
