Security Application Manager

At Arctic Wolf, we're not just navigating the cybersecurity landscape - we're redefining it. Our global team of dedicated Pack members is driving innovation and setting new industry standards every day. Our impact speaks for itself: we've earned recognition on the Forbes Cloud 100, CNBC Disruptor 50, Fortune Future 50, and Fortune Cyber 60 lists, and we recently took home the 2024 CRN Products of the Year award. We’re proud to be named a Leader in the IDC MarketScape for Worldwide Managed Detection and Response Services and earning a Customers' Choice distinction from Gartner Peer Insights. Our Aurora Platform also received CRN’s Products of the Year award in the inaugural Security Operations Platform category. Join a company that’s not only leading, but also shaping, the future of security operations. 

Our mission is simple:

End Cyber Risk. We’re looking for a Application Security Manager to be part of making this happen

Position Overview and Objective
The Manager Application Security role is responsible for the implementation of measures to ensure the security of Arctic Wolf software systems, applications, code, and related components. This role will work within our Information Security Engineering team to deploy and operationalise technical security capabilities with open collaboration with the Research and Development Team.
 Primary Responsibilities and Duties

• Manage, lead, mentor, and coach the leaders of the Application Security team and the teams they oversee, enabling the teams to consistently accomplish their objective to quickly deliver secure software in a distributed environment.
• Work with Arctic Wolf to define and implement the Arctic Wolf SDLC to ensure code is secure by design, secure by default, secure in deployment and communication, and automated with a multiyear roadmap.
• Provide recommendations on Information Security policies and defining governance procedures for secure application development.
• Implement application security tools, processes, and documentation to support alignment with OWASP Top 10, Industry Standards, Current Events, and Best-Practices.
• Ensure developers, architects, code reviewers, and others on secure coding practices and other aspects of secure software development.
• Serve as the subject matter expert for Application Security, providing guidance to Team Members, Engineering and Product teams performing security reviews and assessments.
• Develop standards and training for security testing tools focused on the application layer (e.g., SAST, DAST, IAST, SCA), threat modeling, penetration testing, red team, bug bounty and vulnerability management.
• Help software development teams to understand and remediate security findings within prescribed timelines.
• Research and review any reported or suspected application vulnerabilities from third party library and source code.
• Implement, configure, and train/document off-the-shelf application security technologies in the Arctic Wolf internal environment.
• Contribute to a world-class security program that supports Arctic Wolf’s tremendous growth.
• Gather and create Application Security performance indicators to drive delivery and program improvements.

Key Skills
Communication, Threat modeling, Code Review, Penetration Testing, Application Testing, Research, Secure Coding, Cloud Technologies, Containerisation Technologies.
 Key Competencies
Able to write clearly and succinctly in a variety of communication settings and styles; can get messages across that have the desired effect.
Able to effectively partner and communicate with Engineering and Product teams.
Uses rigorous logic and methods to solve difficult problems with effective solutions; probes all fruitful sources for answers; can see hidden problems; is excellent at honest analysis; looks beyond the obvious and doesn't stop at the first answers.
Generate new and unique ideas to enable secure software development.; easily makes connections among previously unrelated notions; tends to be seen as original and value-added in brainstorming settings.
 Minimum Qualifications
A Bachelor’s Degree in Computer Science, Information Systems, Engineering, cybersecurity or related technical field; or equivalent experience.
5+ years of experience in security or infrastructure engineering Including assessing and escalating to vendors for troubleshooting purposes.
Thorough understanding of modern software development practices including a thorough understanding of OWASP Top 10, OWASP ASVS, or similar frameworks.
Experience in deploying application security technologies such as SAST, DAST, IAST, SCA, etc.
 Preferred Qualifications
Familiarity with cloud infrastructures, with Amazon Web Services (AWS) and/or Azure considered a strong plus.
Familiarity with containerisation technologies such as Docker and/or Kubernetes is a huge plus.
Analytical and quantitative skills with proven experience in developing strategic solutions.
Significant prior experience securing large-scale web applications, including performing security code reviews, vulnerability assessments, and manual testing for logic flaws.
Experience working in a regulated environments (SOX, ISO 27001, etc) and/or one or more
Industry Certifications – (CISSP, CCSP, CSLP, OSCP, OSWE, GPEN, GWAPT, CEH, etc).
Experience in people or project management with successful completion of multiple security projects
 Our Values and Benefits

Arctic Wolf recognises that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that—by protecting people’s and organisations’ sensitive data and seeking to end cyber risk— we get to work in an industry that is fundamental to the greater good.  

We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here.   

We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities.  

All wolves receive compelling compensation and benefits packages, including:  

Equity for all employees 

Flexible annual leave, paid holidays and volunteer days 

Training and career development programs 

Comprehensive private benefits plan including;

Medical insurance for you and your family

Life insurance (3x compensation)

Personal accident insurance. 

Fertility support and paid parental leave 

 

Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, colour, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com.