Synthesia26 дней назад
Application Security Engineering Manager
Полная занятостьУдалёнка
Обязанности
- 01Lead, support, enable and grow the AppSec team — owning hiring, onboarding, performance, and career development for a team of Senior and Staff-level Security Engineers. Important to understand: we're not looking for someone to dictate the roadmap or daily activities of the team. What we need is someone to enable the team to do what needs doing and to give them the best possible environment to do it in.
- 02Own the formalisation of AppSec strategy and roadmap, translating team input, business risk and engineering context into a clear, prioritised programme of work with measurable outcomes.
- 03Be a credible technical partner to your team — able to engage substantively on threat models, security architecture, agentic tooling design, and risk decisions, and willing to get into the details when it matters.
- 04Define and maintain the team's operating rhythm: OKRs, quarterly planning, cross-team coordination, and stakeholder communication up to leadership.
- 05Act as a key interface between AppSec and the rest of the organisation and leadership — building relationships with business leadership, engineering leads, the Developer Platform team, Architecture Working Group, and partner functions like Legal and Moderation, to embed security into how Synthesia builds.
- 06Participate in maintaining and evolving Synthesia's approach to AI-assisted development security, including how we secure our own use of agentic coding tools and how we assess the security of AI-generated code.
- 07Own AppSec's relationship with the broader Security function, ensuring tight alignment between AppSec and other Infosec teams on shared risks, incidents, and cross-cutting initiatives.
- 08Represent AppSec externally where relevant — with customers, auditors, and in the context of compliance programmes such as SOC2 and ISO42001.
Требования
- 01You're a Security Engineer first, who has grown into leadership. You're comfortable in the details and know when to roll up your sleeves, but you've also developed the organisational instincts to run a team effectively and the strategic clarity to own a function.
- 02You're a strong communicator who can operate across audiences — from deeply technical discussions with staff engineers, to clear risk framing for leadership, to pragmatic negotiation with product and engineering partners.
- 03You have a strong engineering background in application security, with hands-on experience in areas such as threat modelling, secure design review, (AI-)SAST/SCA tooling, vulnerability management, and/or security automation.
- 04You are very comfortable with Python and JavaScript. You have experience with AWS and/or GCP from a cloud infrastructure perspective, and you know your way around GitHub Actions.
- 05You have meaningful people management experience — you've hired, grown, and performance-managed security engineers, and you understand what good looks like at senior IC levels.
- 06You've led or significantly contributed to an AppSec programme in a fast-growing SaaS or AI company, ideally one where the engineering organisation was scaling faster than the security team.
- 07You have a genuine point of view on AI-native security engineering — how LLMs and agentic tools change the attack surface, and how to use them defensively. This space is central to what we're building and you need to be able to lead.
Условия
- 01Lead a small, senior team with high autonomy, and focus on creating leverage rather than running a ticket queue.
- 02Work in a leading AI-company with high-growth and a very friendly culture. It’s a fun ride!
- 03Build and ship AI-native / agentic security tooling end-to-end, from prototypes to production systems that materially change how engineering works.
- 04Operate at the intersection of product, platform, and security architecture, with scope to shape how secure-by-default looks in a rapidly scaling AI company.
- 05Location: Europe remote or London hybrid