Senior Manager, Application Security

Senior Manager, Application Security About the team Our team is dedicated to leading the configuration of critical perimeter defense systems, including anti-bot technologies, web application firewalls (WAF), and AWS Shield! Our responsibility extends to ensuring the security and resilience of the CI/CD pipeline across a diverse and evolving array of technologies. We collaborate closely with customers to implement security standard processes, integrating their insights with our technical expertise. The goal is to provide a robust, secure foundation for continuous development and deployment, ensuring our organization stays protected against emerging threats while maintaining operational efficiency. About the role We are seeking an experienced and dynamic Cloud Security Engineering Manager to lead and own a versatile team of security engineers responsible for safeguarding our cloud infrastructure, web applications, and CI/CD pipelines! As a hands-on leader, you will be responsible for all aspects of cloud security, mentor your team, and collaborate with cross-functional teams to ensure secure development practices, robust perimeter defense, and compliance with industry standards. As a Senior Manager, Application Security, you will: Lead, mentor, and manage a team of cloud security engineers responsible for securing our cloud infrastructure, applications, and pipelines. Provide technical mentorship and expertise to your team in key areas such as AWS architecture, web application security, anti-bot technologies, CI/CD security, and secure coding practices. Coordinate the design, deployment, and maintenance of security services and infrastructure, ensuring robust perimeter defenses and threat detection. Manage the configuration and optimization of AWS security services, including WAF, Shield, IAM, GuardDuty, Security Hub, CloudFront, VPC, and KMS, in alignment with standard processes. Drive the implementation of Infrastructure as Code (IaC) security using tools like Terraform and AWS CloudFormation, ensuring secure and scalable deployments. Collaborate with development, operations, and product teams to ensure security is integrated into all stages of the software development lifecycle. Define security metrics, supervise progress, and report on the overall health of the organization's cloud security posture to executive leadership. Manage security incidents and escalations, and work with your team to continuously improve incident response processes, using automation wherever possible. Develop and implement security policies, standards, and best practices that align with industry regulations and internal compliance requirements. Drive the adoption of secure coding practices and cultivate a culture of security awareness across the organization. Who you are Strong understanding of AWS architecture and security services, including WAF, Shield, IAM, CloudFront, VPC, GuardDuty, Security Hub, and KMS. Validated leadership experience in leading and mentoring a team of cloud or security engineers. Hands-on experience with Infrastructure as Code (IaC) tools such as Terraform and AWS CloudFormation. In-depth knowledge of web application security and perimeter defense technologies, including anti-bot solutions, SSL/TLS, HTTP security headers, and DNS security. Experience in securing CI/CD pipelines, integrating security testing tools, and leading secret management systems like AWS Secrets Manager or HashiCorp Vault. Solid understanding of secure coding practices, static and dynamic code analysis, and version control security. Experience working in an Agile or DevOps environment and collaborating with cross-functional teams. AWS certifications (e.g., Solutions Architect, Security Specialty, or DevOps Engineer) are highly desirable. Knowledge of compliance frameworks such as NIST, SOC 2, PCI-DSS, or ISO 27001. Get to know us Zillow is reimagining real estate to make home a reality for more and more people. As the most-visited real estate website in the United States, Zillow and its affiliates help movers find and win their home through digital solutions, first class partners, and easier buying, selling, financing and renting experiences. Our efforts to streamline the real estate transaction are supported by a deep-rooted culture of innovation, our passion to redefine the employee experience, a fundamental commitment to Equity and Belonging, and world-class benefits. These benefits include comprehensive medical, dental, vision, life, and disability coverages as well as parental leave, family benefits, retirement contributions, and paid time off. Zillow Group is an equal opportunity employer committed to fostering an inclusive, innovative environment with the best employees. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please contact your recruiter directly. Not ready to apply? That's OK! Introduce yourself to our recruiting teams and give yourself greater potential of finding a role that is a fit. Receive early access to events, jobs, and insights into life at Zillow. Join Our Talent Network. #J-18808-Ljbffr

Created: 2025-02-01