Lead, Application and Product Security Manager

Lead, Application and Product Security Manager ScorecardMission of the Position:The Lead, Application and Product Security Manager will lead the application security program to ensure the integrity, confidentiality, and availability of the Xurrent company and customer data. Responsibilities include identifying, documenting, assessing, prioritizing, sizing, and mitigating application security risks. The role requires expertise in proactive risk management and rapid response to security threats to uphold customer trust and compliance with regulatory standards.Responsibilities: Take full ownership of incident response process including annual tabletop exercisesLead the vulnerability management process including implementation of detection tools, leading the triage process, and providing guidance to internal teams on remediation of detected vulnerabilitiesLead the company’s business continuity and disaster recovery effortsGather technical evidence for annual information security auditsMonitoring of security and data protection inboxes and ownership of responsible disclosure programRisk assessment development and communication to stakeholdersThird party (vendor) risk management program development and ownershipOwnership of technical security policiesOwnership of security awareness training and internal phishing simulation campaignsCoordinate with audit firms, consultants, and development teams to provide the information required to complete security review and audits in a timely manner.Stay informed about emerging threats and vulnerabilities.Define and implement the long-term vision, strategy, and roadmap for product and application security aligned with company objectives.Integrate security into the Software Development Life Cycle (SDLC) and DevSecOps pipelines.Communicate security risks and recommendations to executive leadership.Requirements:In-depth knowledge of secure coding practices, application architectures, and cloud security, particularly in a SaaS environment.Strong background in software development and security.Familiarity with compliance requirements relevant to SaaS platforms (for example, ISO 27001, GDPR, SOC2).Excellent communication and interpersonal skills.Bachelor’s degree in Computer Science, Information Security, or related field. Advanced degrees or certifications in cybersecurity (for example, CISSP, CISM) preferred.

Apply Now