Demo
Salary Resume Critique Job Openings

Information Security Sr. Manager, Application Security

Tephra Inc.
Goodlettsville, TN Full Time
POSTED ON 1/16/2025
AVAILABLE BEFORE 4/7/2025

Description : Job Description :

Title : Information Security Sr. Manager, Application Security

Department : IT Security

Reports to : CISO

Supervises : IS Sr. Analyst, IS Analyst

General Summary :

Responsible for working with the information security management team to administer the Company's information security programs maintain Sarbanes-Oxley, HIPAA, and PCI DSS compliance programs and support a variety of security systems and applications. Recommends, designs, implements, and administers information security controls that meet dynamic tactical and strategic information security objectives.

Responsible for managing the application security team and associated program including, but not limited to : application security standards definition, publication, awareness and training, and compliance application security testing, tracking, reporting, and escalation application security regulatory compliance management application security risk monitoring, analysis, and reporting application security risk mitigation planning and coordination and budget planning, invoice management, personnel management, financial management, vendor relationship management, etc.

Duties and Responsibilities :

  • Perform static and dynamic application security testing conduct application security risk and compliance reviews and analysis identify, recommend, and track progress of security risk mitigation plans and collaborate with IT and business units to drive risk mitigation plans to completion.
  • Manage an effective, pragmatic application security program develop, maintain, and evangelize application security standards and procedures manage team personnel and financial resources ensure team members are appropriately trained and aware of performance expectations and manage customer engagement and service delivery.
  • Represent the information security department through pragmatic consultation and participation in a defined SDLC, promoting application security best practices and standards.
  • Promote security best practices via awareness and leadership by example monitor compliance with policies and regulatory requirements maintain audit readiness support internal and external auditors through effective and timely fulfillment of audit requests and assist in the development of audit responses and action plans.

Knowledge, Skills, and Abilities :

  • Strong understanding of current and emerging application security and general information security best practices, technologies, techniques, trends, threats, and countermeasures.
  • Strong, effective written and oral communications skills and able to communicate to technical and non-technical audiences across multiple levels.
  • Strong, hands-on experience performing static and dynamic application security tests, assessments, etc. using commercial and other tool sets, manual testing methods, etc.
  • Strong negotiation skills (e.g., driving internal security recommendations, external vendor action, etc.).
  • Strong understanding of effective, pragmatic application security controls risk management and compliance strategies and techniques and PCI, HIPAA, and SOX regulatory requirements.
  • Solid understanding of agile and waterfall development methodologies and the efficient and effective integration of application security design and testing processes.
  • Ability to learn and retain new skills to adapt to evolving business, technical, risk, and security needs.
  • Ability to work occasionally during non-standard shifts, in an on-call capacity, and able to travel occasionally (up to 5%).

    • Work Experience and / or Education :

    College degree or equivalent experience in information security with a minimum six years information security experience, focused on application security. Active CISSP, CISA, or CISM certification preferred.

    Extensive hands-on experience in static and dynamic application security testing using a variety of manual testing methods, commercial and non-commercial tools, best-practice security frameworks (e.g., OWASP ASVS), etc.

    Extensive experience holistically managing application security risk associated with architecture, design, operations, and support.

    Foundational experience with host operating systems, networking principles, web application firewalls, and associated security controls network / system vulnerability scanning tools security information and event management (SIEM) privileged user management (PUM) and governance risk and compliance (GRC).

    Candidate Must Have :

  • Extensive experience in pragmatic, holistic application security risk management.
  • Extensive hands-on experience in static and dynamic application security testing using a variety of manual testing methods, commercial and non-commercial tools, etc.
  • Foundational experience with host operating systems, networking principles, and web application firewalls network / system vulnerability scanning tools security information and event management (SIEM) privileged access management and governance risk and compliance (GRC).
  • Solid understanding of agile and waterfall development methodologies and how to efficiently and effectively integrate application security design and testing processes.
  • Minimum six years information security experience, focused on application security. Active CISSP, CISA, or CISM certification preferred.

    • If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Information Security Sr. Manager, Application Security?

    Sign up to receive alerts about other jobs on the Information Security Sr. Manager, Application Security career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $152,549 - $188,894
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $152,549 - $188,894
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $220,784 - $286,649
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $111,725 - $147,313
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $123,246 - $161,441
    Income Estimation: 
    $152,549 - $188,894
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Job openings at Tephra Inc.

    Solutions Head,Commercials/Sales & Marketing
    Tephra Inc.
    Hired Organization Address Edison, NJ Full Time
    Description : Industry Leader - Commercials Solutions Head - expected to drive the growth and productivity of the Commer...
    Tephra is hiring: Creative Designer - Conversational Systems in Edison
    Tephra Inc.
    Hired Organization Address Edison, NJ Full Time
    Description : Conversational systems Designer should possess proficiency in multiple UX discipline like Interaction Desi...
    Product Specialist Ignio-Digital : Digital Consulting
    Tephra Inc.
    Hired Organization Address Edison, NJ Full Time
    Description : Work with sales force (direct or channel partners) by providing technical and business expertise during pr...
    Business Development Director, Lifesciences
    Tephra Inc.
    Hired Organization Address Boston, MA Full Time
    Description : The Business Development Director position is a key sales role within Our client's Life Sciences Unit sale...
    View More Jobs at Tephra Inc.

    Not the job you're looking for? Here are some other Information Security Sr. Manager, Application Security jobs in the Goodlettsville, TN area that may be a better fit.

    Information Security Senior Analyst, Application Security

    Tephra Inc., Goodlettsville, TN

    Security Site Manager

    JS Security Consulting, La Vergne, TN

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!