Senior Director - Application Security and Cyber Fraud

Exceed the expectations of our residential mortgage borrowers & business partners through superior service, simple processes, and effective communications.

We deliver on this mission by empowering our employees by encouraging and recognizing superior performance and innovative solutions, by promoting teamwork and divisional cooperation.
 

POSITION SUMMARY

The Senior Director, Application Security and Cyber Fraud leads the enterprise strategy for securing applications, APIs, and customer-facing platforms while building and operating a comprehensive fraud prevention program. This role is accountable for embedding security throughout the development lifecycle, defending digital assets against fraud, and ensuring adherence to regulatory compliance standards. As a senior leader, the position drives collaboration across cybersecurity, technology, product, and risk management teams to protect customer trust and enable secure business growth.

DESCRIPTION

Duties and Responsibilities

• Define, implement, and oversee the enterprise-wide application security and cyber fraud prevention strategy.
• Lead the design, deployment, and operational management of security technologies including web application firewalls (WAFs), Application Programming Interface (API) management platforms, application vulnerability scanning tools, and fraud detection systems.
• Collaborate with engineering, fraud operations, compliance, development, and product management teams to ensure secure development practices and minimize fraud risk in customer interactions.
• Manage vendor relationships and solution evaluations related to application security, API protection, and fraud mitigation tools.
• Establish key risk indicators (KRIs) and key performance indicators (KPIs) to measure effectiveness of AppSec and fraud prevention initiatives.
• Drive security automation within continuous integration/continuous deployment (CI/CD) pipelines, enabling DevSecOps practices that enhance product delivery without compromising security.
• Serve as a subject matter expert for audits, regulatory exams, and executive risk reporting related to application security and digital fraud defense.
• Build and lead a high-performing team of application security engineers, secure architecture specialists, and fraud risk analysts.

Qualifications and Education Requirements

• Bachelor’s degree in computer science, Cybersecurity, Information Systems, or a related technical field.
• 10+ years of progressive experience in cybersecurity, including 5+ years in a senior leadership role focused on application security and fraud prevention.
• Demonstrated experience managing enterprise WAF, API Gateway security, secure development programs, and fraud detection technologies.
• Industry certifications such as CISSP, CSSLP, OSWE, GWAPT, or CFE are highly desirable.

Skills, Abilities, and Knowledge

• Strong Expertise in secure software development practices, application security testing methodologies, and threat modeling frameworks.
• Deep understanding of web application architectures, APIs, authentication protocols, and secure session management.
• Strong ability to lead cross-functional initiatives and influence technology and business stakeholders to adopt security best practices.
• Practical knowledge of fraud prevention techniques, including device fingerprinting, bot detection, behavioral analytics, and transaction monitoring.
• Skilled at developing executive risk summaries and delivering clear, concise communications to technical and non-technical audiences.
• Ability to balance strategic leadership with hands-on problem solving in a complex and dynamic environment.
• Experience building scalable AppSec programs that integrate with CI/CD and DevOps workflows.
• Strong vendor management skills and experience negotiating security technology contracts and services.
• High organizational awareness and the ability to navigate complex governance, risk, and compliance environments.
• Advanced analytical and critical thinking skills, with a focus on continuous improvement and innovation in security practices.

Additional Information:

While this description is intended to be an accurate reflection of the position’s requirements, it in no way implies/states that these are the only job responsibilities. Management reserves the right to modify, add or remove duties and request other duties, as necessary.

All employees are required to have smart phones that meet Company security standards with the ability to install apps such as Okta Verify and Microsoft Authenticator. Employment will be contingent on this requirement.

Company Benefits:

Newrez is a great place to work but we are only as strong as our greatest asset, our employees, so we believe in rewarding them!

• Medical, dental, and vision insurance

• Health Savings Account with employer contribution

• 401(k) Retirement plan with employer match

• Paid Maternity Leave/Parental Bonding Leave

• Pet insurance

• Adoption Assistance

• Tuition reimbursement

• Employee Loan Program

• The Newrez Employee Emergency and Disaster Fund is a new program to support our team members

Newrez NOW:

• Our Corporate Social Responsibility program, Newrez NOW, empowers employees to become leaders in their communities through a robust program that includes volunteering, philanthropy, nonprofit grants, and more

• 1 Volunteer Time Off (VTO) day, company-paid volunteer day where all eligible employees may participate in a volunteer event with a nonprofit of their choice

• Employee Matching Gifts Program: We will match monetary employee donations to eligible non-profit organizations, dollar-for-dollar, up to $1,000 per employee

• Newrez Grants Program: Newrez hosts a giving portal where we provide employees an abundance of resources to search for an opportunity to donate their time or monetary contributions

Equal Employment Opportunity 
We're proud to be an equal opportunity employer- and celebrate our employees' differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better.

CA Privacy Policy

CA Notice at Collection