Senior Manager – Application Security

🕒 April 23

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Miro

WebsiteLinkedInAll Job Openings

1001 - 5000 employees

☁️ SaaS

⚡ Productivity

🤖 Artificial Intelligence

💰 $400M Series C on 2022-01

SaaS • Productivity • Artificial Intelligence

Miro is an AI-powered collaboration platform designed to help teams streamline their innovation processes, from initial idea to final outcome. With over 80 million users and 250,000 companies using its services, Miro provides a versatile workspace for organizing project information, creating interactive prototypes, structured briefs, project plans, and diagrams. It integrates with tools like Google, Microsoft, Adobe, and Jira, enhancing productivity and collaboration across various functions including product development, UX design, engineering, marketing, IT, and more. Miro's Intelligent Canvas offers an adaptable environment for brainstorming, project management, and execution, supported by AI features like rapid prototyping and decision-making assistance. Its robust security and governance controls ensure the protection of users' intellectual property. Miro caters to organizations of all sizes, providing customizable templates and numerous integrations to fit diverse workflow needs.

📋 Description

• Lead and mentor a globally distributed team of security engineers focused on application security, offensive testing, secure architecture, and vulnerability remediation. • Lead and coordinate the team's initiatives and help provide project management leadership to the team members. • Coordinate cross function and cross stream initiatives and projects. • Drive integration of security into Miro’s Discover, Define, Deliver lifecycle through the lens of the AMPED Ways of Working and Operating Model. • Collaborate with Product, Engineering, and Design to ensure security is considered at the earliest stages of ideation—via threat modeling, risk reviews, and abuse-case analysis. • Shape and evolve Miro’s Secure SDLC practices, integrating security seamlessly into CI/CD pipelines, infrastructure-as-code, and developer tooling. • Oversee execution of bug bounty and third-party testing programs, ensuring vulnerabilities are triaged, communicated, and remediated effectively. • Build and scale Miro’s Security Champions program to embed security ownership within each engineering team. • Guide secure adoption of AI-augmented software development tools, including LLMs used for code generation, reviews, or architectural assistance. • Help envision and safely operationalize Agentic AI-driven developer and security workflows, including policy-driven autonomous agents supporting security automation and decision-making. • Provide structured guidance, patterns, and reference architectures that support developers in implementing secure, scalable, and privacy-respecting features. • Define and report on KPIs and success metrics for secure development adoption, vulnerability resolution, and developer engagement. • Collaborate with Privacy, Legal, and Compliance teams to ensure alignment with regulatory requirements (ISO 27001, SOC 2, GDPR, and emerging AI regulations). • Foster a strong team culture based on collaboration, learning, and continuous improvement.

🎯 Requirements

• 10+ years of experience in software, application, or product security, including significant experience in secure software development. • 3+ years of technical leadership or management experience in a security-focused role. • Extensive experience with threat modeling methodologies (e.g., STRIDE, PASTA) and risk assessment, particularly within a SaaS or product-centric organization. • Deep expertise in Secure Software Development Lifecycles (SSDLC), including integrating security into agile and custom development frameworks. • Demonstrated experience running Security Champions programs and scaling developer engagement. • Experience leading offensive security programs (penetration testing, red teaming, bug bounty). • Practical understanding of governance and assurance frameworks such as ISO 27001, SOC 2, and OWASP SAMM. • Familiarity with AI/LLM tooling (e.g., Cursor, GitHub Copilot, custom LLM integrations) and the associated security and governance considerations. • Experience working with AWS and securing API-driven, microservice-based architectures. • Ability to manage distributed teams and communicate effectively across technical and business stakeholders.

🏖️ Benefits

• equity • wellbeing benefit • WFH equipment allowance • annual Learning & Development stipend