Smartsheet · 5 hours ago
Manager, Application Security (Remote Eligible)
Smartsheet has been helping teams achieve their goals for over 20 years, and they are looking for a Manager of Application Security to lead a talented team of engineers. This role involves embedding security into the development lifecycle, managing external security assessments, and driving security automation to ensure the platform is resilient and secure.
Cloud Management, Enterprise, SaaS, Software
Responsibilities
Lead and Mentor a High-Performing Team: Hire, develop, and retain top engineering talent. Foster a culture of technical excellence and ownership while providing coaching, career guidance, and performance management for your direct reports
Champion "Shift-Left" Security: Partner with development teams to embed security into the CI/CD process. Advocate for and operationalize automated security tooling (SAST, DAST, SCA) to provide developers with fast, actionable feedback
Manage External Security Assessments: Oversee the strategy and operations for both the Responsible Disclosure program and third-party penetration testing. You will handle scoping, vendor management, triage, and the facilitation of remediation with internal engineering teams
Advise on Customer-Facing Security Features: Collaborate with Product and Engineering teams to provide technical feedback and security requirements for customer-facing features (e.g., encryption controls, audit logging, identity management). You will ensure we are building product capabilities that solve security challenges for our customers
Execute the Security Roadmap: Collaborate with leadership to implement the strategy for security infrastructure and automation. Ensure your team’s work aligns with business objectives and effectively reduces risk
Drive Security Automation: Prioritize the engineering of automated solutions for threat detection and vulnerability management. Ensure your team builds tools that allow us to respond to threats at machine speed
Enable Incident Response & Compliance: Oversee the team's participation in incident response activities and ensure technical controls support continuous compliance with frameworks such as FedRAMP, SOC 2, and ISO 27001
Qualification
Required
7+ years of progressive experience in technology, with at least 1-2 years in a management or team lead role for a technical team (AppSec, DevSecOps, or Site Reliability Engineering)
Technical Background: A BS/MS in Computer Science or equivalent experience, with a strong background in scripting/programming (Python, Go, or Java) and agile development
AppSec & Cloud Expertise: Experience with modern application security toolchains (SAST, DAST), vulnerability management, and cloud environments (preferably AWS)
Framework Knowledge: Familiarity with application security requirements for regulated markets (e.g., FedRAMP, HIPAA, SOC2)
Collaboration Skills: Proven ability to build partnerships between engineering/development and security teams, influencing them to adopt best practices
Communication Skills: Demonstrates the ability to communicate clearly and effectively, both in writing and verbally, with technical and non-technical stakeholders
Planning and Execution: Ability to translate strategy into actionable plans, manage timelines, and ensure reliable execution
Decision-Making and Judgment: Ability to make timely, well-reasoned decisions with incomplete information, balancing security risk, business impact, and delivery timelines
Preferred
Industry certifications such as CISSP, CISM, or cloud-specific security certifications
Experience leading and supporting teams that are globally distributed across time zones and geographies
Benefits
HSA, 100% employer-paid premiums, or Buy-up medical/vision and dental coverage options for full-time employees
401k Match to help you save for your future (50% of your contribution up to the first 6% of your eligible pay)
Monthly stipend to support your work and productivity
Flexible Time Away Program, plus Sick Time Off
US employees are automatically covered under Smartsheet-sponsored life insurance, short-term, and long-term disability plans
US employees receive 12 paid holidays per year
Up to 24 weeks of Parental Leave
Personal paid Volunteer Day to support our community
Opportunities for professional growth and development including access to Udemy online courses
Company Funded Perks, including a counseling membership, local retail discounts, and your own personal Smartsheet account
Teleworking options from any registered location in the U.S. (role specific)
Company
Smartsheet
Smartsheet is a cloud-based work management platform that empowers collaboration, drives better decision-making, and accelerates innovation.
H1B Sponsorship
Smartsheet has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (46)
2024 (59)
2023 (48)
2022 (57)
2021 (32)
2020 (41)
Funding
Current Stage: Public Company
Total Funding: $3.35B
Key Investors: Insight Partners, Sutter Hill Ventures
2024-09-24: Private Equity
2024-09-24: Post-IPO Debt · $3.2B
2024-09-24: Acquired
Company data provided by crunchbase