Demo

Senior Application Security Manager

Shutterfly
Tempe, AZ Full Time
POSTED ON 4/4/2025
AVAILABLE BEFORE 5/2/2025
At Shutterfly, we make life’s experiences unforgettable. We believe there is extraordinary power in the self-expression. That’s why our family of brands helps customers create products and capture moments that reflect who they uniquely are.

This is an exciting time for Shutterfly. In this position you will be leading the application security team to shape the application security program. Your focus will be on helping to build and maintain an Application Security program that can be used as the benchmark for our industry.

We are looking for an innovative Senior Application Security Manager who loves to lead, red team, train, resolve vulnerabilities and much more. While also being a Subject Matter Expert in application security, you will work with application security engineers to evangelize shift-left security, engaging early and often with the engineering teams. You will bring your strong leadership skills, technical background in application security, deep experience in building application security programs to help take Shutterfly’s application security program to the next level.

What You'll Do Here

  • Lead a team of highly skilled application security engineers through planning, prioritization, and execution of work
  • Manage the application security program. Design and execute automation services to enhance enterprise application security test tooling in SDLC and DevOps pipelines
  • Develop close relationships with the engineering leadership across the company to help teams prioritize security challenges, track and resolve identified risks
  • Establish and maintain Security Champion program
  • Establish, maintain and roll out security training program for developers
  • Build and grow an execution team to analyze and resolve application security issues
  • Create and evolve sustainable processes and tools for operations through automation, self-service and reducing complexity
  • Oversee application security engineers performing penetration tests of services
  • Define, monitor, and report application security metrics to accurately represent department statistics and team performance
  • Manage the relationship with third-party vendors providing services to support application security program
  • Work with engineering on vulnerability management program, maintaining backlog and driving remediation efforts
  • Mentor and guide AppSec engineers, fostering professional growth and development through one-on-ones, coaching and real-time feedback

Qualifications

Minimum Qualifications:

  • BS/MS in Computer Science or equivalent experience
  • 6-8 years working as an Application Security Engineer and 1-3 years specifically leading application security team
  • Experience recruiting and managing technical teams, including performance evaluation and management
  • Experience with different styles of source control and CI/CD pipeline
  • Experience building relationships with stakeholders and business leaders
  • Proven risk assessment and mitigation skills
  • Proven communication skills, the ability present information clearly and concisely to all levels of management both formally and informally

Preferred Qualifications

  • Familiarity with OWASP top 10 vulnerabilities, mitigations and their impact on application architecture
  • Experience with application security testing including SAST, DAST and SCA
  • Experience with Web Application protection tools including RASP, WAF and DDoS mitigation
  • Experience with Code Review process
  • Familiarity with programming languages such as Java, NodeJS, Python
  • Experience managing and maintaining an enterprise bug bounty program
  • Familiarity with cryptography including commonly implemented algorithms, standards, and best practices
  • The candidate should have familiarity with a variety of development and testing tools, including IDE, GIT, JIRA, Maven

Additional Qualifications

  • Familiarity in both using and securing Linux based systems and containers.
  • Familiarity in both ECS and Kubernetes cluster deployment
  • Familiarity in Micro Services architecture and security control in such environment
  • Familiarity in deploying and maintaining controls within various public cloud environments (AWS/Azure/GCP)
  • Relevant security certifications (SANS/GIAC, CISSP, CSSLP, OCSP, etc.) are highly desirable

Supporting a diverse and inclusive workforce is important to Shutterfly not only because it directly reflects our value of Embracing our Differences, but also because it’s the right thing to do for our business and for our people. We welcome all applicants and evaluate them based on their qualifications, without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or other characteristic covered by law. Learn more about our commitment to Diversity, Equity, and Inclusion on our Career Site.

This position will accept applications on an ongoing basis until filled.

The compensation package for this role is based on multiple factors, such as job level, responsibilities, location, and candidate experience. The base pay ranges included below are specific to the locations listed, and may not be applicable to other locations.

California : [$166,000-236,000]

Connecticut and New York: [$166,000-216,000]

Colorado, Illinois, Minnesota and Washington: [$166,000-200,000]

Nevada: [$156,000-216,000]

Maryland and New Jersey: [$179,250-216,000]

Hawaii : [$156,000-188,000]

This position may be eligible for a bonus incentive, health benefits, a 401K program, and other employee perks. More details about our company benefits can be found at https://shutterflyinc.com/benefits/.

This opportunity can be remote, but candidates must reside in a state in which Shutterfly is registered to do business. This includes all US states except District of Columbia, North Dakota, Mississippi, Rhode Island, Vermont, and Wyoming.

This position will accept applications on an ongoing basis until filled.

#SFLYTechnology

Salary : $156,000 - $216,000

If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Senior Application Security Manager?

Sign up to receive alerts about other jobs on the Senior Application Security Manager career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$135,994 - $168,063
Income Estimation: 
$220,784 - $286,649
Income Estimation: 
$152,549 - $188,894
Income Estimation: 
$194,072 - $240,547
Income Estimation: 
$135,994 - $168,063
Income Estimation: 
$161,209 - $233,553
Income Estimation: 
$194,072 - $240,547
Income Estimation: 
$220,784 - $286,649
Income Estimation: 
$111,725 - $147,313
Income Estimation: 
$139,945 - $168,577
Income Estimation: 
$140,233 - $181,029
Income Estimation: 
$161,209 - $233,553
Income Estimation: 
$123,246 - $161,441
Income Estimation: 
$152,549 - $188,894
Income Estimation: 
$135,994 - $168,063
Income Estimation: 
$161,209 - $233,553
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at Shutterfly

Shutterfly
Hired Organization Address Tempe, AZ Full Time
Snapfish (part of the Shutterfly family of brands) was built to help people archive and share photos. For almost two dec...
Shutterfly
Hired Organization Address Sioux Falls, SD Full Time
Do you have a passion for photography and sales? Do you have a fun, upbeat personality? Do you enjoy working with infant...
Shutterfly
Hired Organization Address Louisville, KY Full Time
Are you a creative individual who takes the initiative and wants to be part of creating memories that last a lifetime? D...
Shutterfly
Hired Organization Address Fort Mill, SC Full Time
At Shutterfly, we make life’s experiences unforgettable. We believe there is extraordinary power in the self-expression....

Not the job you're looking for? Here are some other Senior Application Security Manager jobs in the Tempe, AZ area that may be a better fit.

Senior Application Security Engineer

Axon Enterprise Inc, Scottsdale, AZ

AI Assistant is available now!

Feel free to start your new journey!