Application Security Manager

SMART TECH SKILLS LLC

Boston, MA
Full Time
Paid
  • Responsibilities

    Benefits:

    Competitive salary

    Location: Onsite

    Experience Level

    Senior Level (10 or more years of relevant experience)

    Role Overview

    The Information Security Manager / Security Architect is responsible for leading and implementing enterprise data security, compliance, and risk management programs across complex IT environments. This role focuses on establishing security standards, managing vulnerability programs, and ensuring adherence to regulatory frameworks. The position collaborates with security, infrastructure, and application teams to strengthen security posture and support continuous compliance and operational resilience.

    Key Responsibilities:

    Security Architecture & Governance

    Design and implement enterprise data security management and operational models

    Establish and enforce security standards aligned with frameworks such as NIST, FIPS, and FedRAMP

    Provide architectural and configuration guidance to ensure secure, compliant environments

    Evaluate and recommend security tools, technologies, and controls

    Compliance, Risk & Audit Management

    Partner with privacy, security, and compliance teams to manage regulatory requirements

    Coordinate and respond to internal and external audits, including remediation planning

    Maintain compliance with frameworks such as HIPAA, HITRUST, GDPR, and related standards

    Develop and maintain reporting for compliance and security posture

    Vulnerability & Threat Management

    Implement and manage application security testing processes including SAST and DAST

    Establish and oversee vulnerability management programs including penetration testing

    Coordinate remediation efforts and track vulnerabilities through resolution

    Conduct infrastructure security assessments and audits

    Operations, Monitoring & Incident Response

    Maintain system security and integrity by implementing industry-standard IT controls

    Monitor environments and troubleshoot security issues across systems and applications

    Participate in incident response and support 24/7 on-call rotations as required

    Ensure timely resolution of security incidents and operational challenges

    Automation & Continuous Improvement

    Implement automation for system administration, security processes, and deployment activities

    Drive continuous improvement of security processes, controls, and operational efficiency

    Support migration and deployment processes for QA and production environments

    Collaboration & Stakeholder Support

    Work closely with application, QA, and infrastructure teams to ensure security compliance

    Provide technical guidance and support to internal stakeholders and agency users

    Translate technical risks into business context for leadership decision-making

    Deliver training and awareness programs related to security and compliance

    Required Qualifications

    Bachelor’s degree in Information Technology, Computer Science, or related field, or equivalent work experience

    10 or more years of IT experience, including 5 or more years in security leadership roles

    Strong experience with security and compliance frameworks such as NIST, HIPAA, HITRUST, GDPR, and FedRAMP

    Experience designing and implementing enterprise security controls across applications, infrastructure, and networks

    Experience with vulnerability management tools and processes including SAST, DAST, and penetration testing

    Strong understanding of risk management, audit processes, and compliance reporting

    Experience troubleshooting complex security issues across environments

    Strong written and verbal communication skills

    Preferred Qualifications

    Experience with AWS security architecture and compliance practices

    Professional certifications such as CISSP, CISA, CISM, or CCSP

    Experience working in highly regulated or government environments

    Experience implementing automated security and compliance solutions

    Core Skills & Attributes

    Strong analytical and problem‑solving skills

    Ability to identify and mitigate security risks across complex environments

    Strong leadership and decision‑making capabilities

    Effective communication with technical and executive stakeholders

    Detail‑oriented with a focus on compliance and quality

    Ability to work in high‑pressure and on‑call environments

    Collaborative mindset with cross‑functional teams

    Continuous improvement and security‑focused mindset