RemoteLeaf Logo
Log in Sign up

Senior Manager Product Security

3 days, 16 hours ago
United States
Contract
Lead
Application Security Engineer
DevOps and Infrastructure
AWS C C++ CI/CD DevSecOps GCP Java Kotlin Objective-C Penetration Testing Swift
Apply Now
TWO95 International

TWO95 International

TWO95 International is a global technology firm that specializes in providing comprehensive enterprise solutions, including BPM, Mobility, Cloud, Analytics, E-commerce, and Social Business, while also focusing on emerging technologies such as Generativ...

Internet Software & Services
51-250
Founded 2009
View All Jobs 28

Description

  • Lead and improve DevSecOps automation within CI/CD pipelines.
  • Conduct and manage a penetration testing program for both hardware and software platforms.
  • Integrate threat modeling practices into the product development lifecycle.
  • Promote and advance security culture, standards, and education across the engineering organization.
  • Research and evolve security technologies and processes based on current methodologies, trends, threats, and vulnerabilities.
  • Manage cloud security governance for AWS and GCP using tools that implement CIS benchmark scans, WAF policies, and IaC standards control.
  • Test and review web applications and services written in Java, C/C++, and mobile languages.
  • Produce and report metrics on the state of application security programs and the performance of development teams against requirements.
  • Document security work and deliverables collaboratively and keep documentation up to date as changes are made.

Requirements

  • 7–12 years of experience in security-related fields.
  • 1+ years of management experience.
  • High proficiency with DAST, SAST, and SCA tooling.
  • Experience testing and reviewing web applications/services written in Java, C/C++, and mobile languages.
  • Experience securing AWS and GCP environments, including using Infrastructure-as-Code (IaC).
  • Experience engaging in and improving DevSecOps automation in CI/CD pipelines.
  • Experience conducting and managing penetration testing for hardware and software platforms.
  • Experience integrating threat modeling into the product lifecycle.
  • Experience managing cloud security governance using CIS benchmark scans, WAF policies, and IaC standards control.
  • Strong documentation skills and experience producing metrics on application security programs and development team performance.

Benefits

  • 100% remote work.
  • Contract-to-hire engagement.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Owner.com

Application Security Engineer

Owner.com 11-50 Internet Software & Services

Owner.com is hiring a remote Application Security Engineer to secure its restaurant-focused AI growth platform by testing, remediating, and preventing application security issues across the product line.

United States Canada Mexico Colombia Full-time Senior Application Security Engineer
$190k-$220k
Penetration Testing
4 hours, 46 minutes ago
Canary

Senior Application Security Engineer

Canary 11-50 Internet Software & Services

Canary Technologies is hiring a Senior Application Security Engineer to embed security into its fully remote engineering organization and help secure and scale its hospitality software platform.

United States Full-time Senior Application Security Engineer
AWS Burp Suite CI/CD Encryption GitHub Actions GitOps Go Helm JavaScript Kubernetes Penetration Testing Python Secrets Management SonarQube Terraform WAF
6 hours, 16 minutes ago
Pennylane

Senior Application Security Engineer

Pennylane 251-1K Diversified Financial Services

Pennylane is hiring a Senior Application Security Engineer to safeguard its web application, cloud infrastructure, and development practices while supporting compliance and security awareness across a fast-growing remote fintech team.

United Kingdom Croatia France Germany Greece Ireland Italy Poland Portugal Romania Spain Full-time Senior Application Security Engineer
AWS CI/CD JavaScript Kubernetes Penetration Testing Python React Ruby Ruby on Rails
7 hours, 1 minute ago
Spotify

Security Engineer - Product Security

Spotify Media

Spotify is hiring a Security Engineer for its Product Security team in London or Stockholm to help secure engineering initiatives, application development, and AI-driven systems at global scale.

United Kingdom Sweden Full-time Senior Application Security Engineer Security Engineer
Agile C++ Encryption Generative AI Java Machine Learning Python Scala TypeScript
7 hours, 31 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers