Manager, IT Security (AppSec)
Alpharetta, Georgia, United States; Birmingham, Michigan, United States
Full Time Mid-level / Intermediate USD 120K - 150K
OneStream
OneStream is the leading enterprise Finance management platform that unifies finance and operational data with AI, increasing the strategic impact of the CFO.
Location: Hybrid, Alpharetta, GA or Birmingham, MI
Employment Type: Full-Time
Compensation: $120,000.00 - $150,000.00 (Range applies to US candidates only) + Benefits/Variable Comp/Equity - Range may vary based on experience.
Benefits Offered: Vision, Medical, Life, Dental, 401K
Summary
OneStream is seeking an IT Security Manager with a specialization in Application Security to join its Information Security team. This leadership role is responsible for managing a team of Application Security Engineers in a dynamic, fast-paced environment. The IT Security Manager will champion a secure, efficient, and modern IT environment aligned with current and emerging cyber risks. This is a hands-on management position, requiring both technical contributions and strategic oversight. The individual in this role will mentor and guide their team, build strong partnerships with development teams, and actively contribute to securing the company’s software development lifecycle. Key responsibilities include designing and implementing security strategies, performing risk assessments, ensuring compliance with industry standards, and cultivating a culture of security awareness across the organization.
The ideal candidate is passionate about technology, continuous learning, and team development. They are aligned with OneStream’s mission and thrive in a collaborative, close-knit environment where they can make a meaningful impact within the company and broader community.
Primary Duties and Responsibilities
- Manage activities, documentation, timelines and resources associated with IT Security AppSec projects.
- Manage security testing platforms, including leading forensic investigations and mitigation procedures.
- Collaborate with Development and Engineering teams to secure OneStream services.
- Create and enforce secure development policies and procedures.
- Perform manual and automated application security testing.
- Perform code analysis to ensure security of OneStream platform code.
- Review the SDLC to identify any areas where security of our supply chain could be improved.
- Lead security training and communicate policies.
- Identify security risks and operation needs.
- Work closely with Compliance Departments and external audit companies.
- Ensure that implementation of technical features meets deadlines required for compliance certifications.
- Create and edit IT-specific policy documentation.
- Ensure scheduled technical compliance-related reporting is done on time to meet policy requirements.
- Administer IT security tools within internal and customer environments.
- Collaborate with and task manage Engineers.
Required Education and Experience
- BSc/BA in Computer Science, Engineering, or relevant field.
- 8+ years of experience in application security testing, penetration testing, or development.
Preferred Education and Experience
- 5+ years of experience as an IT Security Manager or similar role.
- Experience in analysis, implementation, and evaluation of IT systems and their specifications.
- Experience with writing C# and .NET code.
- Experience performing code reviews on C# and .NET code.
- Experience penetration testing web applications.
- Experience with decompiling and reverse engineering .NET libraries.
- Sound understanding of computer systems (hardware/software), networks, etc.
- Good knowledge of IT Compliance, policy development, and implementation.
- Experience following an information technology budget.
- Experience with IT Security & Infrastructure, Security Risk Management, SOC 2, FedRAMP, Security Policies and Procedures, Security Testing and Auditing, Internal Audit.
- Any industry-recognized certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Offensive Security Certified Professional (OSCP), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), GIAC Penetration Tester (GPEN), etc.
- Excellent organization and leadership skills.
- Outstanding communication abilities.
Knowledge, Skills, and Abilities
- Organized.
- Strong reasoning skills.
- Self-motivated, self-starter.
- Independent thinker with good judgement.
- Ability to think fast on their toes.
- Sound decision-making skills.
- Ability to evaluate pros and cons.
- Ability to multitask a variety of projects.
- Prioritization skills.
- Comfortable communicating with all levels of management.
- Experience with OneStream Software not required, but experience with any financial consolidation package is a plus.
Who We Are
OneStream is how today’s Finance teams can go beyond just reporting on the past and Take Finance Further™ by steering the business to the future. It’s the only enterprise finance platform that unifies financial and operational data, embeds AI for better decisions and productivity, and empowers the CFO to become a critical driver of business strategy and execution. Our vision is to be the operating system for modern finance, digitizing core financial functions and empowering the CFO to become a critical driver of business strategy. To learn more visit www.onestream.com.
Why Join The OneStream Team
- Transparency around corporate structure, salary, and benefits
- Core value of customer success
- Variety of project work (not industry-specific)
- Strong culture and camaraderie
- Multiple training opportunities
Benefits at OneStream
OneStream employees are passionate, hardworking individuals who go above and beyond to keep our customers happy and follow through on our mission statement. They consistently deliver the best and, in turn, we make every effort to keep them cared for and happy. A sample of the benefits we provide:
- Excellent Medical Plan
- Dental & Vision Insurance
- Life Insurance
- Short & Long Term Disability
- Vacation Time
- Paid Holidays
- Professional Development
- Retirement Plan
All candidates must be legally authorized to work for any company in the country where this position is located without sponsorship.
OneStream is an Equal Opportunity Employer.
Tags: Application security Audits C CCSP CISSP Cloud Code analysis Compliance Computer Science Exploit FedRAMP Finance GIAC GPEN GXPN Offensive security OSCP Pentesting Reverse engineering Risk assessment Risk management SDLC SOC SOC 2 Strategy
Perks/benefits: 401(k) matching Career development Equity / stock options Health care Insurance Transparency