Application Security Manager
Denver, CO (Hybrid/Remote options available)
Join a dynamic and innovative fintech company based in Denver, CO. We specialize in providing cutting-edge financial services and solutions to clients globally, with a focus on security, efficiency, and transparency. We prioritize the security of our applications and infrastructure to ensure the highest level of trust and protection for our customers.
Overview
We are seeking an experienced Application Security Manager to lead and enhance our security efforts across the application development lifecycle. The ideal candidate will have a strong background in securing web and mobile applications in a fast-paced, agile environment, with a deep understanding of fintech security requirements and regulations. You will collaborate closely with development, DevOps, and product teams to integrate security best practices and mitigate risks at every stage of development.
Key Responsibilities
- Lead the design, implementation, and management of security programs for our applications, ensuring compliance with industry standards and best practices.
- Conduct threat modeling, vulnerability assessments, and security code reviews to identify potential risks and recommend remediation strategies.
- Collaborate with development teams to integrate security practices into the software development lifecycle (SDLC).
- Manage and oversee security incident response processes related to application vulnerabilities.
- Ensure compliance with relevant regulations (e.g., PCI-DSS, GDPR, SOC 2) and internal security policies.
- Provide mentorship and guidance to the development teams on secure coding practices and tools.
- Work with third-party vendors and partners to assess and mitigate security risks in third-party applications.
- Stay up to date with the latest security trends, threats, and technology developments, and proactively recommend improvements.
- Lead penetration testing efforts and manage any external security assessments.
Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent work experience).
- 5+ years of experience in application security, with at least 2 years in a leadership or managerial role.
- Strong knowledge of security protocols, cryptography, authentication, authorization, and various security frameworks.
- Hands-on experience with security tools such as static and dynamic analysis tools (SAST/DAST), vulnerability scanning, and penetration testing tools.
- Familiarity with cloud security, especially in environments like AWS, Azure, or Google Cloud.
- Strong experience with Software Composition Analysis tools (e.g., BlackDuck, Xray, Snyk).
- Experience with SAST/DAST/IAST and CI/CD tools.
- Experience working within a fintech or regulated environment is a plus.
- Strong understanding of common vulnerabilities (e.g., OWASP Top 10) and mitigation techniques.
- Excellent communication and leadership skills, with the ability to work cross-functionally and drive security initiatives.
Benefits
- Competitive salary and performance bonuses.
- Comprehensive health, dental, and vision coverage.
- 401(k) plan with company match.
- Flexible working hours and remote work options.
- Opportunities for professional development and continuous learning.