Remote Devsecops Engineer Jobs in Edison, NJ (NOW HIRING)

Manager, Application Security

Hybrid Work Arrangement
Hybrid work arrangement required with 4 days on site and 1 remote in one of the following organizational hubs: Johnston, RI - Westwood OR Boston, MA  - Iselin, NJ - Manchester, NH

The Manager, Application Security is responsible for leading, scaling, and maturing enterprise application security capabilities across a complex technology environment. This role owns the application security program end to end, ensuring secure software development practices are embedded into the SDLC while balancing regulatory, risk, and business requirements.
As part of the cybersecurity organization, this role partners closely with engineering, platform, cloud, DevOps, and risk teams to drive measurable risk reduction without slowing delivery.

Key Responsibilities
Lead the enterprise application security program across web, API, and mobile platforms
Define and execute the application security vision, strategy, and roadmap aligned to business and risk objectives
Establish and enforce application security standards, secure coding practices, and control requirements
Partner with engineering leadership to embed security into architecture, design, and delivery decisions
Oversee integration of application security testing tools, including SAST, DAST, and SCA, into CI CD pipelines
Lead application security assessments and risk based remediation planning
Provide threat informed guidance to engineering teams on high risk vulnerabilities and design patterns
Collaborate with vulnerability management, cloud security, and infrastructure teams to drive cohesive risk reduction
Establish governance, metrics, and reporting to measure application security maturity and effectiveness
Represent application security in audit, regulatory, and risk management engagements
Translate technical security risks into clear, business relevant insights for senior leaders
Build, mentor, and develop application security engineers and subject matter experts
Continuously improve tooling, automation, and processes to scale AppSec capabilities efficiently

Required Experience and Skills
10 plus years of cybersecurity experience with a strong focus on application security
5 plus years of people or program leadership experience operating an application security program in an enterprise environment
Deep understanding of application security risks, including OWASP Top 10 and API security threats
Hands on experience with modern SDLC, CI CD, and DevSecOps practices
Experience implementing and managing application security testing tools and processes
Ability to assess application architecture, design patterns, and authentication and authorization models
Strong experience partnering with engineering teams to drive secure by design outcomes
Excellent written and verbal communication skills, including executive level reporting
Proven ability to influence engineering, product, risk, and compliance stakeholders

Preferred Experience
Experience in highly regulated industries such as financial services or healthcare
Familiarity with cloud native and microservices based architectures
Experience with API security platforms and runtime visibility tools
Background in penetration testing or threat modeling
Experience defining application security metrics, KPIs, and maturity models

Education and Certifications
Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field
Preferred certifications include CISSP, CISM, CISA, GPEN, or equivalent

Pay Transparency
The salary range for this position is from $133,000 to $190,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to work location, relevant skills, and experience.

We offer competitive pay, comprehensive medical, dental, and vision coverage, retirement benefits, maternity and paternity leave, flexible work arrangements, education reimbursement, wellness programs, and more. Citizens' paid time off policy exceeds the mandatory paid sick or paid time away policies of local and state jurisdictions in the United States. For an overview of our benefits, visit our Careers site - https://jobs.citizensbank.com/benefits.

#LI-Citizens1