Build, mentor, and manage a globally distributed team of application security engineers, establishing career development paths and fostering a collaborative security culture
Develop and execute the application security strategy, defining metrics and KPIs while partnering with leadership to communicate security posture to executives
Oversee application security initiatives across all products, including secure SDLC practices, vulnerability management, threat modeling, architecture reviews, and bug bounty programs
Define tooling strategy for Application Security, driving automation to achieve high remediation coverage while maintaining development velocity
Partner with engineering, product, compliance, and other security teams to embed security throughout the organization, delivering training and acting as a trusted advisor on security architecture

10+ years of experience in Application or Product Security, with at least 3+ years in a management or leadership role
Proven track record of building and scaling security teams in SaaS or cloud-native environments
Deep expertise in web application security, API security, microservices, and containerized architectures
Strong understanding of modern development practices, including CI/CD, DevSecOps, and agile methodologies
Experience implementing and managing security tooling across the SDLC (SAST, DAST, SCA, container scanning)
Demonstrated ability to work effectively with distributed global teams across multiple time zones
Excellent communication and stakeholder management skills, with the ability to present to executive audiences
Strong technical background with hands-on experience in at least one major programming language (Python, Java, Go, JavaScript)
Knowledge of cloud security best practices, particularly AWS, Kubernetes, and container orchestration.

Director of Application Security

Key skills