Senior Product Manager leading the strategy and development of ESET's Identity Security portfolio. Driving innovation across identity protection areas helping organizations secure identities and access.
About the role
- Application Security Manager leading DevSecOps function at Corebridge Financial. Overseeing secure software development practices and team management for application security initiatives.
Responsibilities
- Lead the application security program with a focus on securing CI/CD pipelines, cloud-native apps, and microservices.
- Manage a team of DevSecOps engineers and security champions across development squads.
- Develop and implement scalable security tooling, static and dynamic code analysis software composition, and Software Bill of Material.
- Integrate AI and machine learning tools for threat modeling, code analysis, and anomaly detection.
- Collaborate with development, infrastructure, and product teams to ensure secure architecture and coding practices.
- Establish AppSec policies, threat modeling frameworks, and secure coding guidelines.
- Build metrics and reporting to track the effectiveness of AppSec initiatives and risk posture.
- Evaluate and implement AI-based AppSec tools and integrations within the DevSecOps toolchain.
- Lead incident response and secure code review processes for critical applications.
- Act as the primary point of contact for application security audits and compliance initiatives.
Requirements
- 7+ years of experience in application security, including 2+ years managing security teams.
- Strong knowledge of secure coding practices in modern languages (e.g., Python, Java, JavaScript, Go).
- Experience deploying and managing AppSec tools such as SAST, DAST, SCA, IaC scanners, Application Security Posture Management (ASPM) and secrets detection tools.
- Hands-on experience in CI/CD platforms (e.g., GitHub Actions, GitLab CI, Jenkins, Azure DevOps).
- Solid understanding of cloud-native architectures (AWS/GCP/Azure), containers (Docker), and orchestration (Kubernetes).
- Experience with Infrastructure-as-Code (e.g., Terraform, CloudFormation) and securing DevOps pipelines.
- Familiarity with AI-driven AppSec tools for vulnerability management, threat detection, and LLM-assisted secure code review.
- Experience with LLMs (e.g., OpenAI GPT, Gemini) for code analysis, threat modeling, secure coding guidance or vibe coding.
- Understanding of prompt engineering, model fine-tuning, or integrating AI APIs into security workflows.
- Bonus: Experience in AI security (e.g., adversarial ML, model poisoning, AI system threat modeling).
- Bonus: Experience in SAP Security, code review, vulnerability management, and threat monitoring.
- Bachelor’s degree in a relevant field or proven record of experience in Information Technology and Cyber Security roles.
- Certifications: OSCP – Offensive Security Certified Professional (Required or strong preference) GWAPT - GIAC Web Application Penetration Tester OSWE – Offensive Security Web Expert (Preferred) CISSP – Certified Information Systems Security Professional (Preferred) GPEN – GIAC Penetration Tester (Preferred) AI/ML Certifications – e.g., Microsoft AI-102, Google Cloud ML Engineer, or similar (Bonus)
Benefits
- Health and Wellness: We offer a range of medical, dental and vision insurance plans, as well as mental health support and wellness initiatives to promote overall well-being.
- Retirement Savings: We offer retirement benefits options, which vary by location. In the U.S., our competitive 401(k) Plan offers a generous dollar-for-dollar Company matching contribution of up to 6% of eligible pay and a Company contribution equal to 3% of eligible pay (subject to annual IRS limits and Plan terms). These Company contributions vest immediately.
- Employee Assistance Program: Confidential counseling services and resources are available to all employees.
- Matching charitable donations: Corebridge matches donations to tax-exempt organizations 1:1, up to $5,000.
- Volunteer Time Off: Employees may use up to 16 volunteer hours annually to support activities that enhance and serve communities where employees live and work.
- Paid Time Off: Eligible employees start off with at least 24 Paid Time Off (PTO) days so they can take time off for themselves and their families when they need it.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Health & Safety Coordinator ensuring safety standards in construction projects for multinational tech client. Fostering strong preventive culture in compliance with Spanish legislation.
Cybersecurity Intern participating in business transformation projects for major industries. Engaging in Cybersecurity Risk Assessment and developing innovative solutions in the IT sector.
Account Specialist managing sales and client relationships for security solutions in the public sector. Conducting market research and focusing on contract renewals and compliance in Australia.
Técnico em Segurança do Trabalho at Lotus ICT, focusing on workplace safety in Rio de Janeiro.
Security Supervisor providing comprehensive safety services across Nord Anglia International School campus. Leading security team to ensure operational and Health and Safety compliance while mitigating risks.
Security Officer ensuring safety and compliance at WarHorse Gaming in Lincoln, NE. Monitoring premises, responding to incidents, and assisting guests and team members.
Security Supervisor overseeing loss prevention and security operations at WarHorse Gaming Lincoln casino. Ensuring a safe environment for guests and team members while upholding regulatory requirements.
Consultor de Segurança do Trabalho na Votorantim Cimentos consolidando medidas de segurança e gestão de EPIs. Gestão de processos e compliance em segurança de trabalho com foco em excelência.
Coordination role for Health and Safety in Underground Mine at Atlantic Nickel in Itagibá/BA. Focus on strategies for safety and health systems in underground operations.