Application Security Manager
Chicago, US New York, US
ABOUT US:
As a world leading provider of integrated solutions for the alternative investment industry, Alter Domus (meaning “The Other House” in Latin) is proud to be home to 90% of the top 30 asset managers in the private markets, and more than 6,000 professionals across 24 jurisdictions.
With a deep understanding of what it takes to succeed in alternatives, we believe in being different in what we do, how we work, and most importantly in how we enable and develop our people. Invest yourself in the alternative, and join an organization where you progress on merit, where you can speak openly with whoever you are speaking to, and where you will be supported along whichever path you choose to take.
Find out more about life at Alter Domus at careers.alterdomus.com
JOB DESCRIPTION:
We are looking for an Application Security Manager to lead and scale our Application Security program. Reporting to the Global Head of Security, you will be the connective tissue between Engineering and Security — embedding security into how we build, not bolting it on after the fact.
You have deep empathy for developers and understand their tools and workflows. You lead with automation and actionable guidance, not friction. You are equally comfortable conducting threat models and code reviews as you are building CI/CD integrations and running a Security Champions program.
Your responsibilities
Shift Left & SDLC Security
-
Lead secure design reviews and threat modeling to surface risks early in the development lifecycle.
-
Deploy and operationalize SAST, DAST, SCA, and secrets scanning across repositories and pipelines.
-
Partner with the Platform DevOps team to build and maintain security automation that embeds inline checks into CI/CD pipelines.
-
Help architect secure-by-default frameworks, workflows, and reusable patterns for engineering teams.
-
Conduct application security code reviews and provide clear, developer-friendly remediation guidance aligned with secure coding practices.
Vulnerability & Risk Management
-
Define and enforce SLA governance for security findings — from identification and prioritization through to remediation tracking.
-
Maintain an accurate and up-to-date application asset inventory.
-
Create and maintain Developer Security Standards with deep familiarity across Azure DevOps, GitHub Enterprise, and GitHub Advanced Security.
-
Evaluate and implement security tooling and automation to continuously improve application security posture and operational efficiency.
Developer Enablement & Culture
-
Lead the Security Champions Program to build a security-first culture across engineering and IT operations.
-
Serve as a trusted advisor to development and cross-functional teams, translating security risks into concrete, prioritized actions.
-
Deliver training on secure coding practices that empowers developers to proactively own security outcomes.
Your profile
-
4+ years of hands-on application security experience, including cloud-based and containerized environments.
-
Proven experience with secure code reviews and ability to interpret SAST, SCA, and DAST findings and translate them into developer-friendly guidance.
-
Strong working knowledge of modern CI/CD workflows, including Azure Pipelines and GitHub Actions.
-
Deep familiarity with the OWASP Top 10 for web applications and APIs, and how to apply them in practice.
-
Hands-on experience with security tooling such as Snyk, Cycode, Apiiro, Burp Suite, or equivalents.
-
Familiarity with cloud platforms (AWS, Azure) and containerization technologies (Docker, Kubernetes).
-
Ability to communicate complex security concepts clearly and drive buy-in across engineering levels with minimal supervision.
-
Strong collaboration skills and a developer-first mindset — you make security easier, not harder.
Nice to Have
-
Proficiency in Python, Java, or C#.
-
Exposure to AI-SBOM and familiarity with AI-SDLC security considerations.
-
Experience building or scaling a Security Champions program.
-
Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent professional experience).
WHAT WE OFFER:
We are committed to supporting your development, advancing your career, and providing benefits that matter to you.
Our industry-leading Alter Domus Academy offers six learning zones for every stage of your career, with resources tailored to your ambitions and resources from LinkedIn Learning.
Our global benefits also include:
- Support for professional accreditations
- Flexible arrangements, generous holidays, plus an additional day off for your birthday!
- Continuous mentoring along your career progression
- Active sports, events and social committees across our offices
- 24/7 support available from our Employee Assistance Program
- The opportunity to invest in our growth and success through our Employee Share Plan
- Plus additional local benefits depending on your location
Alter Domus is an Equal Opportunity Employer: Equity Statement
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or protected veteran status.
(Alter Domus Privacy notice can be reviewed via Alter Domus webpage: https://alterdomus.com/privacy-notice/)
#LI-HYBRID #LI-DH1