Application Security Manager

🕒 April 22

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Workleap

WebsiteLinkedInAll Job Openings

201 - 500 employees

👥 HR Tech

☁️ SaaS

⚡ Productivity

💰 Private Equity Round on 2023-06

HR Tech • SaaS • Productivity

Workleap is a company that provides an integrated platform designed to improve the employee experience by focusing on engagement, performance, and development. Their suite of products includes Officevibe, Pingboard, and various Learning Management Systems (LMS) that help businesses tackle challenges like hybrid work, onboarding, professional development, and performance management. Workleap aims to create happier and more productive workplaces by making it easier for HR teams to manage and enhance their HR strategies. With a customer base exceeding 20,000 leaders globally, Workleap offers tools that are easy to implement and integrate with existing HR and productivity systems.

📋 Description

• Ensure security is embedded into CI/CD pipelines by delivering scalable, automated tooling and integrated security checks (SAST, DAST, SCA, secret scanning); • Enable secure-by-default development by designing and implementing automated, policy-driven security review workflows; • Establish robust security guardrails within AI-assisted development and agent workflows to reduce risk while maintaining developer velocity; • Reduce risk exposure by proactively identifying, assessing, and driving remediation of application security vulnerabilities; • Strengthen application security posture by leading threat modeling and security assessments for new features and architectural changes; • Improve detection and response capabilities through the development of automation, tooling, and streamlined vulnerability management processes; • Elevate cloud and application security by partnering with Infrastructure SecOps to harden Azure environments and deployment practices; • Enhance external security feedback loops by contributing to and scaling the bug bounty program and vulnerability intake processes.

🎯 Requirements

• 8+ years of experience in application security, DevSecOps, or security-focused software development; • Strong software engineering background combined with deep security expertise; • Deep understanding of web application security principles, OWASP Top 10, and CWE Top 25; • Hands-on experience performing secure code reviews in C#; • Experience building and maintaining security automation in CI/CD pipelines (GitHub Actions preferred); • Solid understanding of Azure cloud services, infrastructure security, and deployment patterns; • Experience integrating SAST, DAST, SCA, and secret scanning tools into development workflows; • Proficiency in scripting (Python, Bash) for automation and tooling; • Extensive hands-on experience with AI-assisted and agentic development workflows, with deep expertise in their security implications; • Familiarity with authentication protocols such as OIDC, SAML, and OAuth; • Ability to clearly communicate security risks and trade-offs to both technical and non-technical stakeholders.

🏖️ Benefits

• Health insurance • Flexible working hours • Professional development opportunities