A Little About Us

EDB provides a data and AI platform that enables organizations to harness the full power of Postgres for transactional, analytical, and AI workloads across any cloud, anywhere. EDB empowers enterprises to control risk, manage costs and scale efficiently for a data and AI led world. Serving more than 1,500 customers globally and as the leading contributor to the vibrant and fast-growing PostgreSQL community, EDB supports major government organizations, financial services, media and information technology companies. EDB’s data-driven solutions enable customers to modernize legacy systems and break data silos while leveraging enterprise-grade open source technologies. EDB delivers the confidence of up to 99.999% high availability with mission critical capabilities built in such as security, compliance controls, and observability. For more information, visit www.enterprisedb.com

*Candidate Note: This position is 100% remote for candidates based in the US*

As the Senior Manager of Application Security at EDB, you will play a pivotal role in safeguarding our applications and data, ensuring they meet the highest security standards. Your work will directly support our business objectives by protecting the trust customers place in EDB and ensuring the resilience of our products in an ever-evolving threat landscape.

What your impact will be :

• Develop, implement, and support EDB’s application security services to be consumed by product teams across our all products and within our global infrastructure

• Establish a threat modeling program based on industry-standards and frameworks (e.g., STRIDE, DREAD, PASTA).

• Conduct threat modeling exercises throughout the application development lifecycle. Work with development teams to identify and analyze potential attack vectors, vulnerabilities and their potential impact to EDB products..

• Develop guidance for the refinement of automated code review tooling such as DAST, SAST, SCA as well as manual testing techniques

• Support Vulnerability Disclosure Program, triage, assess and analyze vulnerability reports submitted through the VDP, prioritizing them based on severity, risk, and exploitability.

• Coordinate vulnerability remediation work with internal development teams to reproduce, validate, and prioritize vulnerabilities. Facilitate timely patch development and deployment, ensuring efficient resolution.

• Work to integrate security practices into all phases of the SDLC, from requirements gathering to deployment and maintenance.

• Develop guidance for managing open-source supply chain components, assess risks, and ensure compliance with enterprise policies.

• Develop and track key performance indicators to measure the effectiveness of the application security program.

• Build strong relationships with stakeholders across the organization and communicate security risks and recommendations effectively.

• Partner with Information Security Program Management on the roadmap and execution of security activities across EDB’s business units

What you will bring :

• Proven leadership in managing and mentoring a team of security professionals, with experience in cross-functional collaboration and driving security initiatives across multiple teams.

• Bachelor's degree in Computer Science, Information Security, or a related field

• 7+ years of experience in application security, with at least 3 years in a leadership role

• Strong understanding of security frameworks and standards (e.g., NIST 800-218, BSIMM, OWASP SAMM)

• Experience with security tools and technologies (e.g., SAST, DAST, SCA, threat modeling)

• Excellent communication and interpersonal skills

• Strong analytical and problem-solving skills

What will give you an edge :

• Advanced security certifications (e.g., CISSP, CISM, CISA)

• Experience in cloud security and infrastructure as code

• Knowledge of DevOps and Agile methodologies

• Experience with open-source software security

• Experience with incident response and digital forensics

Comp Range (DOE/Location) : $180-210k + 10% annual bonus

EDB is committed to supporting our employees' overall well being by offering a range of benefits and resources to promote a healthy work-life balance and wellness. We provide access to CuraLinc to aid employees in health and wellness tips and practices, as well as Wellness Fridays extending to December 2024! Check out our career site for more information on perks and benefits and reach out to our Talent Acquisition team for region specific benefits.

We know it takes a unique mix of people and skills to help us in our mission to supercharge Postgres, and we understand that not everyone will check every box. We’d love to hear from you and we want you to apply!

EDB is proud to be an equal opportunity workplace. We celebrate diversity and are committed to creating an inclusive environment for all employees. EDB was built on a commitment to trust and respect each other and to embrace an array of people and ideas. These values remain at the center of our culture and are key to our company’s integrity.

EDB does not seek or accept unsolicited resumes or CVs from recruitment agencies. EDB and its affiliates are not responsible for, and will not pay, any fees, commissions, or any other similar payment related to unsolicited resumes or CVs except as required in a written signed agreement between EDB and the recruitment agency or party requesting payment of a fee.

#LI-Remote #BI-Remote