Manager: Application Security Engineering Lead at Tek Experts

Tek Experts provides the services of a uniquely passionate and expert workforce that takes intense pride in helping companies manage their business operations. We care about the work we do, the companies we partner with and the customers they serve. By delivering unrivaled levels of business and IT support, we make sure nothing gets in the way of our clients leaving their mark on the world. Our experience and expertise enable companies to focus on their core objectives, expand their service offering and exceed their customer expectations.

Responsibilities
Security Strategy & Leadership

• Define and execute the application security roadmap, ensuring alignment with enterprise security strategy and compliance obligations.
• Champion secure-by-design and DevSecOps practices across backend, frontend, mobile, cloud, and integration teams.
• Partner with engineering, product, and security stakeholders to balance speed-to-market with security and compliance.
• Stay ahead of emerging threats, tools, and frameworks relevant to application security.

Secure SDLC & DevSecOps Enablement

• Embed security into every stage of the software development lifecycle (SDLC).
• Oversee deployment of application security testing tools (SAST, DAST, IAST, SCA) within CI/CD pipelines.
• Drive adoption of secure coding practices, threat modelling, and code reviews.
• Establish policies and playbooks for secure development and release management.

Governance, Risk & Compliance

• Ensure applications comply with regulatory and industry standards (e.g., PCI DSS, GDPR, POPIA, ISO 27001, SOC 2).
• Oversee secure design reviews, penetration testing, and vulnerability remediation.
• Govern API security, identity management, and encryption standards across platforms.
• Partner with enterprise GRC (Governance, Risk & Compliance) to manage audits and security certifications.

Leadership & People Development

• Lead and mentor application security engineers, DevSecOps specialists, and secure coding champions.
• Build organizational expertise in secure development, cloud-native security, and API security.
• Foster a culture of security-first engineering through training, awareness, and technical leadership.
• Develop career pathways and succession planning for security-focused engineering talent.

Stakeholder & Vendor Management

• Collaborate with DevOps, cloud, and software engineering leads to ensure security alignment across platforms.
• Partner with external vendors and consultants for pen testing, code audits, and security toolchains.
• Represent application security in architecture boards, risk committees, and executive forums.
• Manage vendor relationships for AppSec platforms, scanners, and monitoring tools.

Qualifications
Education & Certifications

• Bachelor’s degree in Computer Science, Software Engineering, Information Security, or related field (mandatory).
• Postgraduate qualification (MSc in Cybersecurity, MBA) – advantageous.
• Professional Certifications (preferred/required): CISSP, CISM, or CISA; CSSLP, GWAPT, or OSWE; AWS/Azure/GCP Security certifications, Kubernetes Security Specialist; SAFe Practitioner, Scrum Master (advantageous).

Experience

• 8–12 years’ experience in software or security engineering, with at least 3–5 years in an application security leadership role.
• Proven track record in embedding security into large-scale enterprise software delivery.
• Hands-on experience with secure coding, API security, cryptography, and OWASP Top 10.
• Experience implementing SAST, DAST, IAST, and SCA tools into CI/CD pipelines.
• Strong exposure to cloud-native architectures, microservices, and containerized environments.
• Experience managing security audits, regulatory compliance, and third-party risk assessments.

Core Skills & Competencies

• Deep expertise in application security frameworks, secure SDLC, and DevSecOps.
• Strong knowledge of threat modelling, risk assessment, and security design reviews.
• Leadership ability to build and mentor security-focused engineering teams.
• Excellent stakeholder engagement skills, with the ability to influence engineering and executive leadership.
• Strong analytical and problem-solving abilities with a proactive, prevention-first mindset.

Method of Application

Signup to view application details. Signup Now