Assistant Manager Application Security

Location: Arlington, Virginia Salary: Negotiable
Sector: Banking and Finance, IT, Banking IT, Finance and Operations, Development, Security, Network and Cloud Type: Permanent

Full Time opportunity as a Lead Penetration Tester for a leading technology vendor with a global network of experts and growing security program. This role comes with the responsibility to make an impact on all phases the application life cycle and take ownership in a cross-functional security team.


  • Execute the security program and initiatives contributing to the overall direction and strategy of application security
  • SME in Application Security around all areas of design, secure coding, and penetration testing
  • Source code review, threat modeling, performing risk analysis, identify vulnerabilities, and collaborate with development teams
  • Perform security assessments of existing architecture and makes security recommendations for new deployments.
  • Manage application security vendor engagements
  • Represent the Information Security team on all application security matters across the organization
  • Build out SIEM dashboards for security monitoring and alerting.


  • 4+ years of information security experience including web application assessment, penetration testing, and vulnerability research; deep experience with source code reviews, code analysis tools
  • B.S. or M.S. in Computer Science or relevant concentration required
  • One of the following certifications: CISSP, CSSLP, CEH, GPEN, GWAPT
  • Experience with:
    • SIEM technologies such as Splunk
    • Security testing tools such as Burp, ZAP, Fortify, and Nessus
    • JavaScript, Python, Perl
    • Java, Ruby, or C#
    • Threat models for large, distributed systems and cloud-based infrastructure (AWS, Google Cloud, or Azure)

Sthree US is acting as an Employment Agency in relation to this vacancy.