CrawlJobs Logo
Citizens Bank Logo Citizens Bank · IT - Administration

Manager Application Security

United States, Johnston Employment contract 133000.00 - 190000.00 USD / Year · Job Posted May 05, 2026
Apply Position
Job Link Share

Job Description

Manager, Application Security Hybrid Work Arrangement Hybrid work arrangement required with 4 days on site and 1 remote in one of our organizational hubs, Iselin, NJ - Johnston, RI - Westwood OR Boston, MA The Manager, Application Security is responsible for leading, scaling, and maturing enterprise application security capabilities across a complex technology environment. This role owns the application security program end to end, ensuring secure software development practices are embedded into the SDLC while balancing regulatory, risk, and business requirements. As part of the cybersecurity organization, this role partners closely with engineering, platform, cloud, DevOps, and risk teams to drive measurable risk reduction without slowing delivery.

Job Responsibility

  • Lead the enterprise application security program across web, API, and mobile platforms
  • Define and execute the application security vision, strategy, and roadmap aligned to business and risk objectives
  • Establish and enforce application security standards, secure coding practices, and control requirements
  • Partner with engineering leadership to embed security into architecture, design, and delivery decisions
  • Oversee integration of application security testing tools, including SAST, DAST, and SCA, into CI CD pipelines
  • Lead application security assessments and risk based remediation planning
  • Provide threat informed guidance to engineering teams on high risk vulnerabilities and design patterns
  • Collaborate with vulnerability management, cloud security, and infrastructure teams to drive cohesive risk reduction
  • Establish governance, metrics, and reporting to measure application security maturity and effectiveness
  • Represent application security in audit, regulatory, and risk management engagements
  • Translate technical security risks into clear, business relevant insights for senior leaders
  • Build, mentor, and develop application security engineers and subject matter experts
  • Continuously improve tooling, automation, and processes to scale AppSec capabilities efficiently

Requirements

  • 10 plus years of cybersecurity experience with a strong focus on application security
  • 5 plus years of people or program leadership experience operating an application security program in an enterprise environment
  • Deep understanding of application security risks, including OWASP Top 10 and API security threats
  • Hands on experience with modern SDLC, CI CD, and DevSecOps practices
  • Experience implementing and managing application security testing tools and processes
  • Ability to assess application architecture, design patterns, and authentication and authorization models
  • Strong experience partnering with engineering teams to drive secure by design outcomes
  • Excellent written and verbal communication skills, including executive level reporting
  • Proven ability to influence engineering, product, risk, and compliance stakeholders
  • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field

Nice to have

  • Experience in highly regulated industries such as financial services or healthcare
  • Familiarity with cloud native and microservices based architectures
  • Experience with API security platforms and runtime visibility tools
  • Background in penetration testing or threat modeling
  • Experience defining application security metrics, KPIs, and maturity models
  • Preferred certifications include CISSP, CISM, CISA, GPEN, or equivalent

What we offer

  • comprehensive medical, dental, and vision coverage
  • retirement benefits
  • maternity and paternity leave
  • flexible work arrangements
  • education reimbursement
  • wellness programs
Citizens Bank - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Manager Application Security

8 matching positions

Engineering Manager, Application Security

At Qualia, we've built the leading B2B real estate technology that transforms th...
Location
Location
United States
Salary
Salary:
210000.00 - 240000.00 USD / Year
qualia.com Logo
Qualia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years as a security or full-stack engineer working on production systems, with 2+ years managing a security or platform engineering team
  • Hands-on depth in application security: threat modeling, code review, and at least one offensive-security discipline (pen testing, red team)
  • Track record of shipping automation that changed how a team worked - ideally including meaningful use of LLMs, agents, or ML in a security or engineering workflow
  • Comfort operating across the full security lifecycle: prevention, detection, response, and recovery
  • Strong written communication. You can write the design doc, the post-mortem, and the board-ready summary - and you can tell a product engineer why their proposal needs to change without shutting down the conversation
  • Keen product sense and a bias toward measurable impact. You care whether the risk actually went down, not whether a ticket got closed
Job Responsibility
Job Responsibility
  • Lead and grow the Application Security team - coaching senior AppSec engineers, setting goals, and owning delivery against the security roadmap
  • Build the automated pen-testing program. Stand up pipelines that run continuous, AI-assisted offensive testing against our services, APIs, and web properties - and turn the output into a triaged, actionable queue
  • Scale triage with AI. Design the workflows and tooling that let the team handle 10x the volume of findings (bug bounty, scanner output, customer reports) without 10x the headcount
  • Review engineering proposals. Sit at the front of the design process with engineering leaders across Core, Clear, Shield, Connect, and Atlas - reviewing RFCs and proposals, flagging risk early, and helping teams ship securely by default
  • Run red-teaming exercises. Drive recurring red team engagements - both internal exercises and coordinated vendor work - and close the loop into detection, response, and product hardening
  • Own the AppSec vision. Partner with the leadership team to set multi-quarter strategy across anomaly detection, threat modeling, and AI-augmented defense
  • Fight fires when they happen. Lead incident response from the application security side, and be the person engineering trusts to make the call in the room
  • Mentor and hire. Recruit strong AppSec engineers, mentor the ones you have, and build a team culture where people are pushed and supported in equal measure
What we offer
What we offer
  • comprehensive health plans
  • 401k program
  • commuter benefits
  • professional development
  • parental leave
  • flexible time off policy
  • robust online onboarding program
  • biweekly all hands meetings
  • variety of internal virtual events
  • Fulltime
Read More
Arrow Right

Test Manager - Application Security & Penetration Testing

The Manager, Application Security is responsible for strengthening our enterpris...
Location
Location
Malaysia , Kuala Lumpur
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in information security, Computer Science, or related field
  • Professional certifications such as CREST, OSCP+, OSEP, or GPEN
  • 7+ years of IT security experience, with at least 4 years of direct experience in project-based and annual penetration testing for web, mobile, and API applications
  • Experienced in secure code reviews, software composition analysis, container image assurance, and vulnerability assessments
  • Strong technical knowledge of web, mobile, and API security, including OWASP Top 10 and common attack vectors
  • Hands-on expertise with security testing tools
  • Working knowledge of MAS TRM, MAS Cyber Hygiene, and BNM RMiT requirements
Job Responsibility
Job Responsibility
  • Conduct penetration testing for web, mobile, and API applications
  • Perform secure code reviews, software composition analysis, and container image assurance to identify vulnerabilities early in the SDLC
  • Perform vulnerability assessments for applications, middleware, and supporting systems
  • Utilise industry-standard tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, Black Duck, Nessus, Aqua and Qualys
  • Triage, validate, and prioritise security findings from security assessments
  • Work with development, DevOps, and infrastructure teams to ensure timely remediation
  • Track and report remediation progress, ensuring closure within timelines required by regulatory instruments and Technology Security Standards
  • Provide guidance to developers and project teams on secure coding practices
  • Embed application security controls and tools (SAST, DAST, SCA, IAST) into CI/CD pipelines
  • Maintain security documentation and provide evidence for audits and regulatory reviews
  • Fulltime
Read More
Arrow Right

Senior Manager, Application Security

PagerDuty is seeking a Senior Manager, Application Security to join our team. As...
Location
Location
United States , Atlanta
Salary
Salary:
191000.00 - 321200.00 USD / Year
https://www.pagerduty.com Logo
PagerDuty
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience building and scaling security teams in high-growth SaaS environments
  • Strong ability to communicate complex security concepts to technical, non-technical, and executive audiences
  • Demonstrated success leading in fast-paced, dynamic environments
  • Deep understanding of application and product security, including secure SDLC and threat modeling
  • Expertise in cloud-native security across AWS or Azure environments
Job Responsibility
Job Responsibility
  • Define, develop, and execute a forward-looking application security strategy
  • Recruit, develop, and retain top talent in security
  • Collaborate closely with engineering teams to design, implement, and operate secure systems
  • Build a developer-centric security program
  • Drive complex, cross-functional security initiatives
  • Develop and maintain technical solutions to proactively address security threats
  • Partner with tech leads and executive leadership to review technical designs
  • Manage the full lifecycle of security incidents
  • Develop and track metrics and KPIs to measure application security effectiveness
What we offer
What we offer
  • Competitive salary
  • Comprehensive benefits package
  • Flexible work arrangements
  • Company equity
  • ESPP (Employee Stock Purchase Program)
  • Retirement or pension plan
  • Generous paid vacation time
  • Paid holidays and sick leave
  • Dutonian Wellness Days & HibernationDuty
  • Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent
  • Fulltime
Read More
Arrow Right

Test Manager - Application Security & Penetration testing

The Test Manager for Application Security and Penetration Testing will enhance t...
Location
Location
Malaysia , Kuala Lumpur
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in information security, Computer Science, or related field
  • Professional certifications such as CREST, OSCP+, OSEP, or GPEN
  • 7+ years of IT security experience, with at least 4 years of direct experience in project-based and annual penetration testing for web, mobile, and API applications
  • Experienced in secure code reviews, software composition analysis, container image assurance, and vulnerability assessments
  • Strong technical knowledge of web, mobile, and API security, including OWASP Top 10 and common attack vectors
  • Hands-on expertise with security testing tools mentioned above
  • Working knowledge of MAS TRM, MAS Cyber Hygiene, and BNM RMiT requirements
Job Responsibility
Job Responsibility
  • Conduct penetration testing for web, mobile, and API applications
  • Perform secure code reviews, software composition analysis, and container mage assurance to identify vulnerabilities early in the SDLC
  • Perform vulnerability assessments for applications, middleware, and supporting systems
  • Utilise industry-standard tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, Black Duck, Nessus, Aqua and Qualys
  • Triage, validate, and prioritise security findings from security assessments
  • Work with development, DevOps, and infrastructure teams to ensure timely remediation
  • Track and report remediation progress, ensuring closure within timelines required by regulatory instruments and Technology Security Standards
  • Provide guidance to developers and project teams on secure coding practices
  • Embed application security controls and tools (SAST, DAST, SCA, IAST) into CI/CD pipelines
  • Maintain security documentation and provide evidence for audits and regulatory reviews
  • Fulltime
Read More
Arrow Right

Application Security Sales Manager

This is a high-impact, revenue-generating role focused on new business developme...
Location
Location
Malaysia , Kuala Lumpur
Salary
Salary:
10000.00 - 13000.00 MYR / Year
https://www.randstad.com Logo
Randstad
Expiration Date
July 03, 2026
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Business, Marketing, IT, or a related field
  • 4–6 years of experience in sales or channel management within SaaS, software, cybersecurity, or BFSI sectors
  • Strong understanding of cybersecurity or advanced technology solutions is highly advantageous
  • Proven experience in business development and executing sales strategies
  • Demonstrated success in new logo acquisition and building territories from scratch
  • Strong communication and stakeholder management skills, with the ability to influence at all levels
  • Experience managing end-to-end sales cycles and delivering against targets
  • Highly self-motivated, resilient, and results-driven with a strong "hunter" mindset
Job Responsibility
Job Responsibility
  • Identify, qualify, and close new business opportunities within the assigned territory
  • Leverage existing industry networks to accelerate pipeline development and shorten sales cycles
  • Engage both technical and business stakeholders, articulating solution value effectively
  • Develop and manage partnerships with distributors, system integrators, and technology partners
  • Own the full sales cycle from prospecting through to deal closure
  • Maintain accurate sales forecasts and consistently achieve revenue targets
  • Gather market intelligence on competitors, pricing, and customer needs
  • Conduct ongoing market research to stay ahead of industry trends
  • Represent the organisation at industry events, conferences, and client engagements
  • Provide regular reporting on pipeline, forecasts, and sales performance to leadership
What we offer
What we offer
  • Attractive commissions package
  • Join a high-growth company in one of the most in-demand technology sectors
  • Opportunity to shape market presence and drive regional expansion
  • Work closely with leadership and influence go-to-market strategy
  • Dynamic, fast-paced environment with strong career progression potential
  • Fulltime
Read More
Arrow Right

Application Security Engineering Manager

I'm hiring for an Application Security Engineering Manager to lead and scale a h...
Location
Location
United States , New York City
Salary
Salary:
Not provided
thisisiceberg.com Logo
Iceberg Cyber Security
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Led AppSec teams in sophisticated engineering environments
  • understands secure SDLC
  • threat modelling
  • code review
  • application architecture risk
  • cloud/application controls
  • modern software delivery practices
  • comfortable communicating with senior stakeholders
Job Responsibility
Job Responsibility
  • Manage a distributed AppSec team
  • build out the New York function
  • set direction
  • prioritise work
  • develop engineers
  • ensure high-quality application security outcomes
  • shape AI security strategy including secure AI adoption, AI-assisted coding risks, controls, governance, and future hiring for dedicated AI Security Lead
  • act as trusted deputy to the CISO
Read More
Arrow Right

Senior Engineering Manager, Application and Product Security

Join us in building the future of finance. Our mission is to democratize finance...
Location
Location
United States , Menlo Park
Salary
Salary:
247000.00 - 290000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience leading security, platform, or infrastructure teams at scale, with clear ownership of strategy, execution, and outcomes
  • Deep expertise in application and product security, with a strong understanding of modern software development and platform architectures
  • Proven ability to operate as a technical leader and influencer, not only a people manager
  • Track record of partnering with senior engineering and business stakeholders to drive security outcomes through collaboration rather than gatekeeping
  • Ability to navigate ambiguity, set direction, and make sound risk-based decisions that scale with the organization
Job Responsibility
Job Responsibility
  • Set the multi-quarter technical and organizational strategy for product and application security, aligned with company priorities and risk posture
  • Lead, develop, and retain a team of security and software engineers, including coaching senior ICs and building future leaders
  • Own the design, delivery, and long-term evolution of AI platform security, governance frameworks, and security visibility
  • Establish and scale product security review practices that shift security engagement earlier in the product lifecycle and are adopted broadly across engineering
  • Act as a senior security partner to engineering, product, and business leadership, influencing architectural decisions and balancing security risk with business outcomes
What we offer
What we offer
  • Performance-driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet — a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces
  • Fulltime
Read More
Arrow Right

Senior Engineering Manager, Application and Product Security

Join us in building the future of finance. Our mission is to democratize finance...
Location
Location
United States , Menlo Park
Salary
Salary:
247000.00 - 290000.00 USD / Year
robinhood.com Logo
Robinhood
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience leading security, platform, or infrastructure teams at scale, with clear ownership of strategy, execution, and outcomes
  • Deep expertise in application and product security, with a strong understanding of modern software development and platform architectures
  • Proven ability to operate as a technical leader and influencer, not only a people manager
  • Track record of partnering with senior engineering and business stakeholders to drive security outcomes through collaboration rather than gatekeeping
  • Ability to navigate ambiguity, set direction, and make sound risk-based decisions that scale with the organization
Job Responsibility
Job Responsibility
  • Set the multi-quarter technical and organizational strategy for product and application security, aligned with company priorities and risk posture
  • Lead, develop, and retain a team of security and software engineers, including coaching senior ICs and building future leaders
  • Own the design, delivery, and long-term evolution of AI platform security, governance frameworks, and security visibility
  • Establish and scale product security review practices that shift security engagement earlier in the product lifecycle and are adopted broadly across engineering
  • Act as a senior security partner to engineering, product, and business leadership, influencing architectural decisions and balancing security risk with business outcomes
What we offer
What we offer
  • Performance-driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet — a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more
  • Exceptional office experience with catered meals, events, and comfortable workspaces
  • Fulltime
Read More
Arrow Right