Senior Manager – Application Security

Overview

Senior Manager – Application Security at Miro. Lead a global team responsible for embedding security into Miro’s Software Development Lifecycle (SDLC) from concept to code to customer impact. Partner with product and engineering to mitigate risk while accelerating developer velocity and innovation. Focus on secure-by-default development through secure design support, automated tooling, vulnerability management, offensive testing, and developer engagement. Align with the Discover, Define, Deliver product lifecycle and the AMPED Ways of Working and Operating Model. Contribute to adapting and securing AI-supported software development and Agentic AI workflows to ensure innovation and trust.

About The Team The Senior Manager of Application Security leads a global team and collaborates with Product, Engineering, and Design to embed security across the product lifecycle.

What You’ll Do

• Lead and mentor a globally distributed team of security engineers focused on application security, offensive testing, secure architecture, and vulnerability remediation.
• Coordinate initiatives, provide project management leadership, and drive cross-functional collaboration.
• Integrate security into Miro’s Discover, Define, Deliver lifecycle through the AMPED Ways of Working and Operating Model.
• Collaborate with Product, Engineering, and Design to ensure security consideration at the earliest stages, including threat modeling and risk reviews.
• Shape and evolve secure SDLC practices, integrate security into CI/CD pipelines, infrastructure-as-code, and developer tooling.
• Oversee bug bounty and third-party testing programs; triage, communicate, and remediate vulnerabilities.
• Build and scale the Security Champions program to embed security ownership within each engineering team.
• Guide secure adoption of AI-augmented software development tools and Agentic AI workflows; support security automation and decision-making.
• Provide guidance, reference architectures, and patterns to support secure, scalable, privacy-respecting features.
• Define and report KPIs for secure development adoption, vulnerability resolution, and developer engagement.
• Collaborate with Privacy, Legal, and Compliance to align with regulatory requirements (ISO 27001, SOC 2, GDPR, and emerging AI regulations).
• Foster a collaborative, learning-oriented team culture focused on continuous improvement.

What You’ll Need

• 10+ years of experience in software, application, or product security, with strong secure software development experience.
• 3+ years of technical leadership or management in a security-focused role.
• Extensive experience with threat modeling methodologies (e.g., STRIDE, PASTA) and risk assessment in SaaS/product contexts.
• Deep expertise in SSDLC and integrating security into agile and custom development frameworks.
• Experience running Security Champions programs and scaling developer engagement.
• Experience leading offensive security programs (penetration testing, red teaming, bug bounty).
• Understanding of governance and assurance frameworks (ISO 27001, SOC 2, OWASP SAMM).
• Familiarity with AI/LLM tooling and related security/governance considerations.
• Experience with AWS and securing API-driven, microservice-based architectures.
• Ability to manage distributed teams and communicate across technical and business stakeholders.

Who You Are (Skills & Attributes)

• Developer-Aligned: Understands modern software development pace and reduces friction while improving security.
• An Exceptional Communicator: Articulates risks to non-technical stakeholders and translates goals into security strategy.
• A Natural Collaborator: Builds relationships and influences cross-functional teams without direct authority.
• A Pragmatic Problem-Solver: Identifies scalable, risk-based solutions and navigates ambiguity.
• Data-Driven: Uses metrics to measure program effectiveness and drive improvement.
• A Passionate Mentor: Develops talent and empowers engineers and product managers as security champions.

Why Join Miro’s Security Team

Help define how innovation and trust scale together. Work across the AMPED operating model, empower developers through secure tooling, and support AI-driven and agentic workflows that redefine how software and teams are built.

What’s In It For You

• Competitive equity package
• Medical insurance coverage
• Lunch, snacks and drinks in the office
• Wellbeing benefit and home-office equipment allowance
• Annual learning and development allowance
• Travel allowance for your commute
• Opportunity to work for a globally diverse team
• Inspiring workplace in Amsterdam

About Miro

Miro is a visual workspace for innovation enabling distributed teams to build the next big thing. Co-headquartered in San Francisco and Amsterdam, Miro serves more than 100M users and 250,000 companies. We are committed to diversity and inclusion and fostering a sense of belonging for all Mironeers.

Additional

Miro handles and uses personal data of job applicants in line with its Recruitment Privacy Policy.

#J-18808-Ljbffr