Enable job alerts via email!

Application Security Manager

Acrisure

Chicago (IL)

On-site

USD 185,000 - 200,000

Full time

Today
Be an early applicant

Job summary

A leading financial services firm in Chicago seeks an experienced Application Security Manager to lead the organization's AppSec program. You will shape and build the program while mentoring a team of specialists and advocating for security practices across the enterprise. Ideal candidates have over 5 years of experience in information security and strong communication skills. Competitive compensation and benefits provided.

Benefits

Competitive compensation
Generous vacation policy
Medical, Dental, and Vision Insurance
401(k) with company match
Paid maternity and paternity leave

Qualifications

  • Proven ability to design, lead, and scale an enterprise application security program.
  • Hands-on familiarity with security tooling.
  • Excellent communication and leadership skills.

Responsibilities

  • Own the vision, strategy, and roadmap for the Application Security program.
  • Build, mentor, and lead a team of AppSec engineers and specialists.
  • Advocate for application security across the organization.

Skills

Application security program design
Secure software development
Communication skills
Stakeholder management

Education

5+ years in information security
Relevant certifications (CSSLP, GWAPT, etc.)

Tools

SAST
DAST
GitHub
Job description
Overview

Join to apply for the Application Security Manager role at Acrisure.

As the Manager of Application Security Operations, you will lead and expand the organization’s Application Security (AppSec) program within a large, highly regulated financial services environment. This is an opportunity to build and shape the program from the ground up while leading a team of AppSec specialists and influencing enterprise-wide security practices. You’ll drive strategy, partner with multiple development teams, integrate security into the SDLC, and work alongside Security Operations leadership to strengthen incident response. This role offers high visibility, significant leadership impact, and the chance to establish a mature, scalable AppSec program that protects mission-critical financial systems.

Responsibilities
  • Own the vision, strategy, and roadmap for the Application Security program enterprise-wide.
  • Build, mentor, and lead a team of AppSec engineers and specialists.
  • Define program objectives, performance metrics, and KPIs to measure and report success.
  • Advocate for application security at all levels of the organization, from developers to executives.
  • Collaborate with software engineering teams to integrate security controls, best practices, and policies throughout the SDLC.
  • Promote a "security by design" culture by coaching and mentoring developers on secure coding practices.
  • Support threat modeling, secure code reviews, and security architecture discussions.
  • Implement, configure, and maintain application security tooling (SAST, DAST, SCA, IaC scanning, API security, container security).
  • Integrate security checks into CI/CD pipelines using GitHub and other platforms.
  • Evaluate emerging technologies and recommend tools that enhance automation and scalability.
  • Partner with SOC analysts to investigate application-layer alerts, incidents, and vulnerabilities.
  • Track and report key security metrics, including vulnerability remediation timelines, pipeline coverage, and compliance with policies.
  • Provide executive reporting and actionable insights on AppSec maturity and risk reduction progress.
Requirements
  • Proven ability to design, lead, and scale an enterprise application security program.
  • Strong understanding of secure software development, OWASP Top 10, threat modeling, and vulnerability management.
  • Experience partnering with development organizations to secure agile/DevOps pipelines.
  • Hands-on familiarity with security tooling (SAST, DAST, SCA, IaC, container security) and integrating with source code management (GitHub/GitLab, etc.).
  • Excellent communication, leadership, and stakeholder management skills.
  • Ability to lead through influence and establish a strong security culture across multiple technology teams.
Education and Experience
  • 5+ years of professional experience in information security with a focus on application security; 2+ years in a leadership role desired.
  • Previous experience as a developer or working closely with software development teams is strongly preferred.
  • Certifications such as CSSLP, GWAPT, GWEB, OSWE, or other relevant industry credentials are a plus.
  • Proven experience leading security initiatives at scale in enterprise environments, ideally within financial services or other highly regulated industries.

Candidates should be comfortable with an on-site presence to support collaboration, team leadership, and cross-functional partnership.

Benefits and Perks
  • Competitive compensation
  • Generous vacation policy, paid holidays, and paid sick time
  • Medical, Dental, and Vision Insurance (employee-paid)
  • Company-paid Short-Term and Long-Term Disability Insurance
  • Company-paid Group Life insurance
  • Company-paid Employee Assistance Program (EAP) and Calm App subscription
  • Employee-paid Pet Insurance and optional supplemental insurance
  • Vested 401(k) with company match and financial wellness programs
  • Flexible Spending Account (FSA), Health Savings Account (HSA) and commuter benefits options
  • Paid maternity leave, paid paternity leave, and fertility benefits
  • Career growth and learning opportunities

Note: This list is not reflective of all benefits. Enrollment waiting periods or eligibility criteria may apply to certain offerings. Enrollments vary by subsidiary entity or geographic location.

Pay Details: The base compensation range for this position is $185,000 - $200,000. This range reflects Acrisure's good faith estimate at the time of this posting. Placement within the range will be based on factors including skills, experience, location, and internal equity.

California residents can learn more about our privacy practices for applicants at the Acrisure California Applicant Privacy Policy: www.Acrisure.com/privacy/caapplicant.

We recruit, hire, employ, train, promote, and compensate individuals based on job-related qualifications and abilities. Acrisure is an equal opportunity employer. No discrimination on race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability.

If you need an accommodation or assistance with the application process, please email leaves@acrisure.com.

Welcome, your new opportunity awaits you.

Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.