Engineering Manager (Application Security)

Role Overview

Engineering Manager for the Application Security team at Qualia. You will lead the redesign of the modern AppSec function, scale team output, and set the security vision for the next two years—using AI to enhance security workflows and embed security earlier in the development lifecycle.

Key Missions

• Lead and grow the Application Security team
  • Coach senior AppSec engineers
  • Set goals and own delivery against the security roadmap
• Build an automated pen-testing program
  • Stand up pipelines for continuous, AI-assisted offensive testing across services, APIs, and web properties
• Partner with leadership to define multi-quarter strategy across
  • Anomaly detection
  • Threat modeling
  • AI-augmented defense

Requirements

• 5+ years as a security or full-stack engineer working on production systems
• 2+ years managing a security or platform engineering team
• Track record shipping automation that changed how a team works
• Ideally used LLMs, agents, or ML in a security or engineering workflow
• Product sense with a bias toward measurable impact (focus on risk reduction, not ticket closure)
• Strong written communication (e.g., design docs, post-mortems, board-ready summaries)
• Comfort across the full security lifecycle: prevention, detection, response, recovery
• Hands-on AppSec depth:
  • Threat modeling
  • Code review
  • At least one offensive-security discipline (pen testing, red team)

Nice to Have

• Experience in fintech, real estate tech, or other regulated high-liability domains
• Published research, CVEs, or conference talks in AppSec/offensive security/AI security
• Experience designing/operating anomaly-detection systems on production traffic, auth logs, or financial transactions
• Familiarity with AI-enabled offense and defense (e.g., prompt injection, model abuse, agent exploitation)