Corebridge Financial
Overview
Join to apply for the Application Security Manager role at Corebridge Financial.
We are an Equal Opportunity Employer. We encourage applicants from all backgrounds to apply and value diversity and inclusion in our workforce.
Who You’ll Work With
The Information Technology organization is the technological foundation of our business and works in collaboration with our partners from across the company. The team drives technology and digital transformation, partners with business leaders to design and execute new strategies through IT and operations services and ensures the necessary IT risk management and security measures are in place and aligned with enterprise architecture standards and principles.
About The Role
Application Security Manager to lead and evolve our DevSecOps function. You will oversee a cross-functional team responsible for embedding security throughout the software development lifecycle (SDLC), integrating AI-driven tools and practices, and enabling secure-by-design development. This role is both strategic and technical, requiring deep expertise in AppSec, DevSecOps automation, and a forward-thinking approach to AI adoption in security.
Responsibilities
Lead the application security program with a focus on securing CI/CD pipelines, cloud-native apps, and microservices.
Manage a team of DevSecOps engineers and security champions across development squads.
Develop and implement scalable security tooling, static and dynamic code analysis software composition, and Software Bill of Materials.
Integrate AI and machine learning tools for threat modeling, code analysis, and anomaly detection.
Collaborate with development, infrastructure, and product teams to ensure secure architecture and coding practices.
Establish AppSec policies, threat modeling frameworks, and secure coding guidelines.
Build metrics and reporting to track the effectiveness of AppSec initiatives and risk posture.
Evaluate and implement AI-based AppSec tools and integrations within the DevSecOps toolchain.
Lead incident response and secure code review processes for critical applications.
Act as the primary point of contact for application security audits and compliance initiatives.
Skills And Qualifications
7+ years of experience in application security, including 2+ years managing security teams.
Strong knowledge of secure coding practices in modern languages (e.g., Python, Java, JavaScript, Go).
Experience deploying and managing AppSec tools such as SAST, DAST, SCA, IaC scanners, Application Security Posture Management (ASPM) and secrets detection tools.
Hands-on experience in CI/CD platforms (e.g., GitHub Actions, GitLab CI, Jenkins, Azure DevOps).
Solid understanding of cloud-native architectures (AWS/GCP/Azure), containers (Docker), and orchestration (Kubernetes).
Experience with Infrastructure-as-Code (e.g., Terraform, CloudFormation) and securing DevOps pipelines.
Familiarity with AI-driven AppSec tools for vulnerability management, threat detection, and LLM-assisted secure code review.
Experience with LLMs (e.g., OpenAI GPT, Gemini) for code analysis, threat modeling, secure coding guidance or vibe coding.
Understanding of prompt engineering, model fine-tuning, or integrating AI APIs into security workflows.
Bonus: Experience in AI security (e.g., adversarial ML, model poisoning, AI system threat modeling).
Bonus: Experience in SAP Security, code review, vulnerability management, and threat monitoring.
Bachelor’s degree in a relevant field or proven record of experience in Information Technology and Cyber Security roles.
Certifications:
OSCP – Offensive Security Certified Professional (Required or strong preference)
GWAPT – GIAC Web Application Penetration Tester
OSWE – Offensive Security Web Expert (Preferred)
CISSP – Certified Information Systems Security Professional (Preferred)
GPEN – GIAC Penetration Tester (Preferred)
AI/ML Certifications – e.g., Microsoft AI-102, Google Cloud ML Engineer, or similar (Bonus)
Compensation
The anticipated salary range for this position is $130,000 to $150,000 at the commencement of employment. Not all candidates will be eligible for the upper end of the salary range. The actual compensation offered will depend on factors including geographic location, skills, experience and other qualifications. In addition, the position is eligible for a discretionary bonus under the applicable incentive plan. Corebridge also offers a range of competitive benefits as part of the total compensation package.
Work Location
This position is based in Corebridge Financial’s Jersey City, NC, Houston, TX, or Durham, NC office and is subject to our hybrid working policy, which gives colleagues the benefits of working both in an office and remotely.
Benefits
Health and Wellness: medical, dental and vision insurance, mental health support and wellness initiatives.
Retirement Savings: 401(k) plan with company matching and additional company contributions.
Employee Assistance Program: confidential counseling and resources.
Matching charitable donations: 1:1 match up to $5,000.
Volunteer Time Off: up to 16 hours annually.
Paid Time Off: at least 24 PTO days.
Equal Opportunity
Corebridge Financial is committed to being an equal opportunity employer. All applicants will be considered based on job-related qualifications without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, neurodivergence, age, veteran status, or any other protected characteristic. We comply with all fair employment laws and provide reasonable accommodations as needed. For accommodations, email TalentandInclusion@corebridgefinancial.com. We will consider qualified applicants with criminal histories, consistent with applicable law. To learn more, visit: www.corebridgefinancial.com