RemoteLeaf Logo
Log in Sign up

Senior Manager Product Security

1 month, 1 week ago
United States
Contract
Lead
Application Security Engineer
DevOps and Infrastructure
AWS C C++ CI/CD DevSecOps GCP Java Kotlin Objective-C Penetration Testing Swift
Apply Now
TWO95 International

TWO95 International

TWO95 International is a global technology firm that specializes in providing comprehensive enterprise solutions, including BPM, Mobility, Cloud, Analytics, E-commerce, and Social Business, while also focusing on emerging technologies such as Generativ...

Internet Software & Services
51-250
Founded 2009
View All Jobs 27

Description

  • Lead and improve DevSecOps automation within CI/CD pipelines.
  • Conduct and manage a penetration testing program for both hardware and software platforms.
  • Integrate threat modeling practices into the product development lifecycle.
  • Promote and advance security culture, standards, and education across the engineering organization.
  • Research and evolve security technologies and processes based on current methodologies, trends, threats, and vulnerabilities.
  • Manage cloud security governance for AWS and GCP using tools that implement CIS benchmark scans, WAF policies, and IaC standards control.
  • Test and review web applications and services written in Java, C/C++, and mobile languages.
  • Produce and report metrics on the state of application security programs and the performance of development teams against requirements.
  • Document security work and deliverables collaboratively and keep documentation up to date as changes are made.

Requirements

  • 7–12 years of experience in security-related fields.
  • 1+ years of management experience.
  • High proficiency with DAST, SAST, and SCA tooling.
  • Experience testing and reviewing web applications/services written in Java, C/C++, and mobile languages.
  • Experience securing AWS and GCP environments, including using Infrastructure-as-Code (IaC).
  • Experience engaging in and improving DevSecOps automation in CI/CD pipelines.
  • Experience conducting and managing penetration testing for hardware and software platforms.
  • Experience integrating threat modeling into the product lifecycle.
  • Experience managing cloud security governance using CIS benchmark scans, WAF policies, and IaC standards control.
  • Strong documentation skills and experience producing metrics on application security programs and development team performance.

Benefits

  • 100% remote work.
  • Contract-to-hire engagement.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

e.l.f. Beauty

Senior Application Security Engineer

e.l.f. Beauty 251-1K Consumer Goods

Senior Application Security Engineer role at a remote marketing and digital commerce company focused on securing applications across the software development lifecycle.

India Full-time Lead Application Security Engineer
Agile AWS Azure CI/CD Cybersecurity DevSecOps GCP HTML JavaScript Penetration Testing Python REST API
19 hours, 36 minutes ago
Binance

Binance Accelerator Program - Blockchain / Smart Contract Security

Binance 5K-10K Capital Markets

Binance is seeking a Binance Accelerator Program participant to support smart contract and blockchain security work, including audits, vulnerability analysis, and risk detection across Web3 systems.

Asia Hong Kong Taiwan Internship Entry Level Application Security Engineer
Blockchain Git Python VS Code
1 day, 23 hours ago
Evolve Security Academy

Senior Application Security Tester & AI Red Team Subject Matter Expert

Evolve Security Academy 11-50 Internet Software & Services

Evolve Security is seeking a senior offensive security specialist to lead complex web, API, and AI red team engagements while defining the firm’s testing methodology for LLM-enabled and agentic systems.

United States Full-time Senior AI (Artificial Intelligence) Application Security Engineer
Bash GraphQL JavaScript JWT Metasploit Nmap OpenID Connect Penetration Testing Postman PowerShell Python REST API SAML SPA TypeScript
3 days, 8 hours ago
TOMORROW HIRE

Application Security Engineer - DAST & Burp Suite Enterprise Security Testing

TOMORROW HIRE Internet Software & Services

Application Security Engineer at a fully remote federal contractor supporting secure application development, testing, and compliance for enterprise web applications.

United States Full-time Senior Application Security Engineer
$120k-$140k
Bash Burp Suite C# CI/CD Eclipse Java Linux .NET Python Selenium Unix Visual Studio
3 days, 23 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers