Athene · 2 months ago
Lead Application Security Engineer
New York, New York
Full-time
Onsite
Lead/Staff, Director/Executive
$190K/yr - $250K/yr
10+ years expApollo is a global team of alternative investment managers known for delivering uncommon value to investors and shareholders. They are seeking a Director of Application Security to lead the firm's application security strategy, focusing on secure development practices and embedding security throughout the software lifecycle.
FinanceFinancial ServicesInsuranceRetirement
Responsibilities
Lead threat modeling for new and existing applications to identify risks, recommend mitigations, and ensure control alignment with enterprise standards
Guide teams in secure design principles, validate adherence to security controls, and ensure threat models inform architectural decisions
Define and implement secure development lifecycle (SDLC) processes and tools—including SAST, SCA, and secret scanning—and drive adoption across development teams
Integrate and maintain security tooling to streamline analysis, reporting, and remediation workflows throughout the software lifecycle
Build and sustain a security champion program, fostering developer engagement and ensuring teams understand secure coding practices and delivery expectations
Oversee penetration testing, code reviews, and application assessments to identify vulnerabilities and guide timely remediation
Establish governance frameworks to ensure compliance with internal security policies, industry standards, and regulatory requirements. Monitor, report, and continuously improve the firm’s compliance posture
Qualification
Required
10+ years of hands-on experience in Application Security, with a strong background in software development (IDE/CLI environments)
Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field
Demonstrated success partnering with software development teams to provide security oversight across complex application ecosystems
Proven expertise with IDEs, version control systems, CI/CD pipeline management, secure SDLC practices, and SaaS-based security tools (SCA, SAST, DAST) as well as application inventory management
Strong understanding of application architecture, security controls, cloud environments, and penetration testing methodologies
Exceptional collaboration and critical thinking skills, with the ability to operate effectively in a fast-paced, dynamic environment
Familiarity with leading security standards and frameworks (OWASP, NIST, ISO 27001, MITRE ATT&CK) and testing tools such as Burp Suite
Experience working within or alongside regulated industries (e.g., financial services) and understanding their impact on application security practices
Ongoing commitment to staying informed on emerging threats and trends to proactively enhance security measures
Preferred
Experience with Snyk and GitHub is highly desirable
Professional certifications such as CISSP, CSSLP, CASE, GWEB, or MCSA/MCSE are strongly preferred
Benefits
Discretionary annual bonus based on personal, team, and Firm performance
Company
Athene
Athene Holding is a life insurance company that provides retirement savings products for individuals and institutions.
1001-5000 employees
H1B Sponsorship
Athene has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (17)
2024 (28)
2023 (24)
2022 (22)
2021 (22)
2020 (14)
Funding
Current Stage
Public CompanyTotal Funding
$4.43B2025-06-24Post Ipo Debt· $600M
2025-05-14Post Ipo Debt· $1B
2024-10-07Post Ipo Debt· $600M
Leadership Team
Martin P. Klein
Executive VP & CFO
Mike Downing
Executive Vice President, Chief Operating Officer, Athene Holding Ltd.
Recent News
The Motley Fool
2025-11-07
Apollo Global Management, Inc.
2025-11-04
Company data provided by crunchbase