Application Security Manager

Summary

Join Workleap as an Application Security Manager and drive the security posture of our products by operationalizing and managing our application security program. You will oversee the identification, remediation, and closure of security vulnerabilities within our codebase. This role involves program management, stakeholder management, and technical expertise. You will work closely with engineering, security, and product teams to implement security controls, assess risks, and promote a security-first culture. The role is hands-on and influential, ensuring security is a business enabler. Workleap offers a supportive and inclusive work environment.

Requirements

• 8+ years of experience in Application Security and running an AppSec program
• Deep understanding of web application security fundamentals, OWASP Top 10, and CWE Top 25
• Hands-on experience with secure code reviews in Java, .NET, PHP, Go, C, C++, Python, Swift, or Kotlin
• Experience integrating security into the SDLC, including SAST, DAST, SCA, and fuzzing
• Proficiency in scripting languages (Python, Bash) for security automation
• Familiarity with authentication protocols such as OIDC, SAML, and OAuth
• Solid understanding of cloud-native security principles and modern infrastructure security controls
• Strong ability to communicate security risks and best practices to technical and non-technical stakeholders
• Experience leading technical security projects and influencing security culture within engineering teams

Responsibilities

• Lead the operational execution of the application security program across all products
• Perform security reviews, threat modeling, and penetration testing for new features and major code changes
• Identify, assess, and report security vulnerabilities, ensuring timely remediation and closure
• Develop security tooling and automation to improve vulnerability detection and response
• Collaborate closely with development teams to enhance secure coding awareness and best practices
• Investigate and validate externally reported security vulnerabilities
• Monitor emerging threats and security research to proactively enhance our security posture
• Define and implement security requirements for application architecture and development processes
• Support security incident response efforts, contributing to forensic analysis and remediation
• Establish and track key AppSec metrics to measure program effectiveness and continuous improvement
• Engage with engineering teams to review code, conduct security assessments, and drive remediation efforts
• Collaborate with product managers and stakeholders to integrate security requirements into development workflows
• Develop and refine security automation tools to streamline vulnerability identification and management
• Participate in security architecture reviews and design discussions
• Monitor security alerts and vulnerabilities, triaging and prioritizing responses as needed
• Contribute to security awareness training and advocate for secure development best practices

Benefits

• We strive to create a healthy and inclusive work environment
• At Workleap, we build together, we trust each other, and we support each other in success or failure
• You will be able to express yourself, evolve and develop your creativity in an environment that will adapt to your daily life and your needs