Senior Manager Application Security

About the Role

As the Senior Manager of Application Security at TQL, you will lead and mature our enterprise-wide application security program. You’ll drive strategy, governance, and execution for securing applications across the SDLC, enabling our business to innovate rapidly while maintaining strong security controls. This role requires deep technical expertise, leadership, and business acumen to collaborate with development teams, architects, and senior stakeholders.

What’s in it for you

• Competitive base salary and comprehensive benefits package
• Advancement opportunities with structured career paths
• Access to the latest emerging technologies
• Reimbursement for continuous education and technical training
• Voted a 2019-2025 Computerworld Best Places to Work in IT

What You’ll Be Doing

• Develop and execute TQL’s application security strategy, aligning with enterprise security goals and business objectives
• Define policies, standards, and best practices for secure software development and application protection
• Establish governance frameworks and reporting mechanisms to track risk posture and program effectiveness
• Lead, mentor, and grow a team of application security engineers and analysts
• Collaborate with product and development leadership to embed security within DevOps and agile practices
• Oversee secure code reviews, threat modeling, penetration testing, and application vulnerability management
• Integrate automated security testing tools (SAST, DAST, SCA, IaC scanning) into CI/CD pipelines
• Evaluate and deploy emerging technologies to strengthen TQL’s application security posture
• Identify, prioritize, and remediate application risks across web, mobile, and cloud-native applications
• Provide executive-level reporting on application security risks and key metrics
• Ensure compliance with regulatory and industry standards (e.g., PCI-DSS, CCPA)
• Serve as the primary liaison between cybersecurity and development/business units on application security matters
• Educate stakeholders on secure coding practices and advocate for security as a business enabler

What You Need

• Bachelor’s or Master’s degree in Computer Science, Information Security, or related field required
• 10 years of progressive experience in cybersecurity, with at least 5 years focused on application security
• 3 years in a leadership role managing security teams
• Strong technical knowledge of application security practices (OWASP, NIST SSDF) and DevSecOps methodologies
• Experience with application security tools (e.g., Veracode, Snyk, Checkmarx, Burp Suite)
• Excellent communication, leadership, and stakeholder management skills
• Demonstrated experience driving maturity of application security through outcome-driven metrics
• Professional certifications such as CISSP, CSSLP, GWAPT, or OSWE preferred
• Experience in high-transaction, fast-paced industries (logistics, e-commerce, financial services) preferred
• Familiarity with cloud-native security (AWS, Azure, GCP)

Where you'll be: 4289 Ivy Pointe Blvd Cincinnati, OH 45245