RemoteLeaf Logo
Log in Sign up

Senior Manager Product Security

3 weeks, 2 days ago
United States
Contract
Lead
Application Security Engineer
DevOps and Infrastructure
AWS C C++ CI/CD DevSecOps GCP Java Kotlin Objective-C Penetration Testing Swift
Apply Now
TWO95 International

TWO95 International

TWO95 International is a global technology firm that specializes in providing comprehensive enterprise solutions, including BPM, Mobility, Cloud, Analytics, E-commerce, and Social Business, while also focusing on emerging technologies such as Generativ...

Internet Software & Services
51-250
Founded 2009
View All Jobs 27

Description

  • Lead and improve DevSecOps automation within CI/CD pipelines.
  • Conduct and manage a penetration testing program for both hardware and software platforms.
  • Integrate threat modeling practices into the product development lifecycle.
  • Promote and advance security culture, standards, and education across the engineering organization.
  • Research and evolve security technologies and processes based on current methodologies, trends, threats, and vulnerabilities.
  • Manage cloud security governance for AWS and GCP using tools that implement CIS benchmark scans, WAF policies, and IaC standards control.
  • Test and review web applications and services written in Java, C/C++, and mobile languages.
  • Produce and report metrics on the state of application security programs and the performance of development teams against requirements.
  • Document security work and deliverables collaboratively and keep documentation up to date as changes are made.

Requirements

  • 7–12 years of experience in security-related fields.
  • 1+ years of management experience.
  • High proficiency with DAST, SAST, and SCA tooling.
  • Experience testing and reviewing web applications/services written in Java, C/C++, and mobile languages.
  • Experience securing AWS and GCP environments, including using Infrastructure-as-Code (IaC).
  • Experience engaging in and improving DevSecOps automation in CI/CD pipelines.
  • Experience conducting and managing penetration testing for hardware and software platforms.
  • Experience integrating threat modeling into the product lifecycle.
  • Experience managing cloud security governance using CIS benchmark scans, WAF policies, and IaC standards control.
  • Strong documentation skills and experience producing metrics on application security programs and development team performance.

Benefits

  • 100% remote work.
  • Contract-to-hire engagement.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Bugcrowd

Product Security Engineering Manager

Bugcrowd 1K-5K Internet Software & Services

Bugcrowd is hiring a Product Security Engineering Manager to lead application, platform, and FedRAMP security programs while guiding a distributed team and advancing secure-by-default engineering across the company.

United States Full-time Senior Application Security Engineer
$176k-$242k
AWS Azure CI/CD Cybersecurity Docker GCP Go Java Kubernetes Linux Python Ruby Terraform
13 hours, 12 minutes ago
MongoDB

Senior Product Security Engineer, Server

MongoDB 1K-5K Internet Software & Services

MongoDB is hiring a Product Security professional to strengthen the security of its core database products and customer-facing security features for its Database Server team in Dublin or remotely in Ireland.

Ireland Full-time Senior Application Security Engineer
AWS Azure C++ Encryption GCP MongoDB Penetration Testing Secrets Management
17 hours, 53 minutes ago
MongoDB

Director, Identity & Security Product Management

MongoDB 1K-5K Internet Software & Services

MongoDB is hiring a Director of Identity and Security Product Management in Canada to lead the strategy and roadmap for IAM and security across its Atlas platform, core database, and related services.

Canada Full-time Executive Application Security Engineer Product Manager
$87k-$110k
AWS Azure GCP JIRA Microservices MongoDB Network Security
19 hours, 21 minutes ago
Backblaze

Sr. Software Engineer - Application Security

Backblaze 251-1K IT Services

Backblaze is hiring an Application Security Engineer to strengthen the security of its cloud storage and backup products by embedding application security into new and existing software across a large, distributed stack.

Mexico Colombia Argentina Costa Rica Full-time Senior Application Security Engineer Software Engineer
C C++ Encryption Go HTTP Java JavaScript Linux Node.js Python REST API TypeScript
19 hours, 33 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers