Ready to join a team that’s all in? At Imprivata, we deliver unified access and security management programs that eliminate friction, empowering healthcare and mission-critical organizations to work smarter, faster, and more securely.
We believe work can be more than a job or task—it’s a collective spirit; the type that emboldens creativity, embraces challenge, and fosters excitement. We are constantly raising the bar on what’s possible, owning the outcome of our triumphs and trials, staying nimble amidst change, and cultivating an environment where we win together. Here, your ideas matter, your differences are celebrated, and your work drives real results—for your career, your teammates, and our customers.
When you join Imprivata, you embark on a shared journey of ambition and growth. We’re committed to building an inclusive workplace where everyone feels valued and supported. If you’re looking for a place to match your passion with purpose—and where every day you can make an impact—you’ll find it here.
We are seeking a Senior Manager, Application Security to join our team. This is a hybrid opportunity based out of our Waltham, MA office.
Job Summary
Duties and Responsibilities
- Lead and scale the application security program across products, embedding secure-by-design and shift-left practices throughout the SDLC.
- Manage, mentor, and set direction for the AppSec team, including priorities, goals, and operating cadence.
- Act as a senior technical authority on secure architecture, coding, threat modeling, vulnerability management, and remediation.
- Define and drive the roadmap for AppSec tooling and automation, including implementation, adoption, and optimization.
- Integrate security controls into engineering workflows, CI/CD pipelines, code reviews, and release processes.
- Oversee penetration testing programs, validate findings, and ensure timely, accountable remediation.
- Develop and report on AppSec metrics, dashboards, and executive-level insights on risk and program maturity.
- Promote security awareness through training, guidance, and active engagement with engineering and product teams.
- Support incident response and investigations, providing leadership on containment, root cause, and corrective actions.
- Collaborate cross-functionally and act as a player-coach, influencing leaders while balancing strategic direction with hands-on execution and staying current on emerging threats.
- Other duties as assigned and required.
Required Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, Information Systems, or a related technical discipline.
- 8+ years of relevant experience in application security, product security, or software security, including 2+ years leading and developing a team.
- 3+ years of prior software development, software quality, DevOps, security engineering, penetration testing, or similarly technical experience that enables credible partnership with engineering teams.
- Demonstrated experience leading or scaling an application security program in a product or software-driven environment.
- Deep working knowledge of secure SDLC practices, vulnerability management, threat modeling, code review concepts, application security testing methodologies, and remediation prioritization.
- Experience implementing and operating AppSec tools such as SAST, DAST, SCA, secrets scanning, container or IaC scanning, API security tooling, or related developer-facing security platforms.
- Strong written and verbal communication skills, including the ability to present security tradeoffs and program metrics to technical teams, senior leadership, and external partners.
- Experience with common security, privacy, and compliance frameworks relevant to software products, such as OWASP guidance, PCI DSS, SOC 2, ISO 27001, HIPAA, or similar standards.
- Experience evaluating or applying generative AI in the context of AppSec, secure development, security review, developer enablement, or vulnerability analysis.
- Experience leading AppSec in multi-product SaaS or highly regulated environments, with strong exposure to customer and third-party security assessments.
- Hands-on expertise in cloud-native and API security, CI/CD tooling, and integrating security into developer workflows.
- Proven ability to build security metrics, governance, and executive reporting, supported by relevant industry certifications (e.g., CISSP, CSSLP, CISM, CCSP).
This position offers a total compensation range of $230,000.00 to $240,500.00 (inclusive of base salary and variable compensation, such as bonuses and incentives). In addition, more information about Imprivata’s benefit offerings can be found here. This range represents the high and low end of Imprivata’s compensation range for this position. Actual compensation will vary and may be above or below the range based on various factors, such as a candidate’s location, skills, experience, and qualifications.
At Imprivata, we have a top-notch work environment, developmental opportunities, a competitive total rewards package, and the desire to have fun. If you have the skills and qualifications as we have described above, we want to hear from you!
Imprivata provides equal employment opportunities, regardless of race, religion, age, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
#LI-Hybrid #LI-SF1
Top Skills
Imprivata Waltham, Massachusetts, USA Office
480 Totten Pond Rd, Waltham, MA, United States, 02451
Similar Jobs at Imprivata
What you need to know about the Boston Tech Scene
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
