PayNearMe
Every payment. Every time.
Senior Manager, Application Security
Location
California
Posted
2 days ago
Salary
$200K - $230K / year
Bachelor Degree, 8 yrs exp, English, AWS, Cloud, Microservices, Ruby, Ruby on Rails, SDLC, Go
Job Description
• Lead the Application Security team, including hiring, mentoring, and performance management.
• Define and execute the Application Security roadmap aligned with business priorities and regulatory obligations (e.g., PCI, SOC 2).
• Partner closely with Engineering, Product, QA, Infrastructure, and DevOps leadership to embed security early in the SDLC.
• Oversee security design reviews and code security reviews across Go-based microservices and Ruby-based monolith applications.
• Provide technical guidance on secure architecture decisions in a cloud-first (AWS) environment.
• Own and continuously improve the organization’s threat modeling framework and ensure it’s embedded in new feature development and architectural changes.
• Ensure SAST and SCA tooling is integrated into CI/CD and appropriately tuned to reduce false positives.
• Drive meaningful reporting dashboards for Development and Engineering leadership.
• Establish and operationalize a risk-based vulnerability prioritization framework and scoring rubric aligned with OWASP guidance and applicable industry standards.
• Act as a trusted advisor to Engineering leadership and influence architectural decisions that reduce systemic risk.
Job Requirements
- 8+ years of experience in Application Security or Secure Software Engineering
- 3+ years leading or managing technical security teams
- Strong hands-on experience with: Ruby (Rails) application security, Go (Golang) application security
- Deep knowledge of: Secure SDLC practices, Threat modeling methodologies (e.g., STRIDE, attack trees), SAST and SCA tools and rule tuning, OWASP Top 10 and API Security Top 10
- Experience integrating security tools into CI/CD pipelines.
- Familiarity with cloud-native application security in AWS environments.
- Strong understanding of microservices security patterns (service-to-service auth, token handling, API gateways, etc.).
- Strong communicator capable of influencing senior engineering leaders.
Benefits
- Competitive salary and benefits with growth-company options grant
- Fast-paced and professional work culture
- Stock options with standard startup vesting - 1 year cliff; 4 years total
- $50 monthly communication expense stipend to go towards your phone/internet bill
- $250 stipend to enhance your WFH setup
- Reimbursement for peripheral equipment: monitor (up to $400), keyboard and mouse (up to $200)
- Premium medical benefits including vision and dental (100% coverage for employees)
- Company-sponsored life and disability insurance
- Paid parental bonding leave
- Paid sick leave, jury duty, bereavement
- 401k plan
- Flexible Time Off (our team members typically take off ~3-4 weeks per year)
- Volunteer Time Off
- 13 scheduled holidays