Application Security Engineering Manager | JobSetuu

Description

Job Overview

• Source: Jobicy

Job Description

Synthesia is the world’s leading AI video platform for business, used by over 90% of the Fortune 100. Founded in 2017, the company is headquartered in London, with offices and teams across Europe and the US.

As AI continues to shape the way we live and work, Synthesia develops products to enhance visual communication and enterprise skill development, helping people work better and stay at the center of successful organizations.

Following our recent Series E funding round, where we raised $200 million, our valuation stands at $4 billion. Our total funding exceeds $530 million from premier investors including Accel, NVentures (Nvidia's VC arm), Kleiner Perkins, GV, and Evantic Capital, alongside the founders and operators of Stripe, Datadog, Miro, and Webflow.

Location: Europe remote or London hybrid

About the role:

As our engineering and research organisation grows, so does the complexity of securing it. Our Application Security team is at the forefront of that challenge — building AI-native security tooling, embedding security into the development lifecycle at scale, and finding ways to make a small, highly capable team punch well above its weight.

We're looking for an Engineering Manager to lead and grow the AppSec team. This is not a coordination role. You'll be leading a team of exceptionally senior and staff-level engineers who are deeply self-directed and technically excellent. To earn their trust and enable their best work, you'll need to be genuinely close to the craft — able to engage at depth on threat modelling, agentic security tooling, SDLC design, and application risk. You'll also own AppSec strategy and be accountable for how the function scales alongside a product organisation that is growing fast and leaning heavily into AI-assisted development.

Important note: Anyone working as a manager within the Infosec team will need to follow the Infosec Team Management Tenets.

Key Responsibilities:

• Lead, support, enable and grow the AppSec team — owning hiring, onboarding, performance, and career development for a team of Senior and Staff-level Security Engineers. Important to understand: we're not looking for someone to dictate the roadmap or daily activities of the team. What we need is someone to enable the team to do what needs doing and to give them the best possible environment to do it in.

• Own the formalisation of AppSec strategy and roadmap, translating team input, business risk and engineering context into a clear, prioritised programme of work with measurable outcomes.

• Be a credible technical partner to your team — able to engage substantively on threat models, security architecture, agentic tooling design, and risk decisions, and willing to get into the details when it matters.

• Define and maintain the team's operating rhythm: OKRs, quarterly planning, cross-team coordination, and stakeholder communication up to leadership.

• Act as a key interface between AppSec and the rest of the organisation and leadership — building relationships with business leadership, engineering leads, the Developer Platform team, Architecture Working Group, and partner functions like Legal and Moderation, to embed security into how Synthesia builds.

• Participate in maintaining and evolving Synthesia's approach to AI-assisted development security, including how we secure our own use of agentic coding tools and how we assess the security of AI-generated code.

• Own AppSec's relationship with the broader Security function, ensuring tight alignment between AppSec and other Infosec teams on shared risks, incidents, and cross-cutting initiatives.

• Represent AppSec externally where relevant — with customers, auditors, and in the context of compliance programmes such as SOC2 and ISO42001.

What's in it for you:

• Lead a small, senior team with high autonomy, and focus on creating leverage rather than running a ticket queue.

• Work in a leading AI-company with high-growth and a very friendly culture. It’s a fun ride!

• Build and ship AI-native / agentic security tooling end-to-end, from prototypes to production systems that materially change how engineering works.

• Operate at the intersection of product, platform, and security architecture, with scope to shape how secure-by-default looks in a rapidly scaling AI company.

Experience & Qualifications:

You're a Security Engineer first, who has grown into leadership. You're comfortable in the details and know when to roll up your sleeves, but you've also developed the organisational instincts to run a team effectively and the strategic clarity to own a function.

• You're a strong communicator who can operate across audiences — from deeply technical discussions with staff engineers, to clear risk framing for leadership, to pragmatic negotiation with product and engineering partners.

• You have a strong engineering background in application security, with hands-on experience in areas such as threat modelling, secure design review, (AI-)SAST/SCA tooling, vulnerability management, and/or security automation.

• You are very comfortable with Python and JavaScript. You have experience with AWS and/or GCP from a cloud infrastructure perspective, and you know your way around GitHub Actions.

• You have meaningful people management experience — you've hired, grown, and performance-managed security engineers, and you understand what good looks like at senior IC levels.

• You've led or significantly contributed to an AppSec programme in a fast-growing SaaS or AI company, ideally one where the engineering organisation was scaling faster than the security team.

• You have a genuine point of view on AI-native security engineering — how LLMs and agentic tools change the attack surface, and how to use them defensively. This space is central to what we're building and you need to be able to lead credibly within it.

• You've worked in an environment with a mature engineering culture and understand how to embed security as a collaborative partner rather than a gate.

Bonus Points For:

• Experience with Kubernetes from an operational/security perspective.

• Familiarity with any of the tools in our current stack: Semgrep, Wiz, CrowdStrike, HackerOne, Claude Code, Cursor, GitHub Actions, StepSecurity

• Prior experience as a Staff or Principal security engineer before moving into management.

At Synthesia we expect everyone to...

• Be an owner

• Focus on outcomes over Inputs and Plans

• Make the journey fun

• Default to simple

You can read more about this in this public Notion page - https://synthesia.notion.site/How-we-work-at-Synthesia-f794caa72f8446efb6be22b551ce0fa2 

Benefits:

• A flexible, remote friendly role based out of Europe or one of our hubs in London, Copenhagen, Munich, or Zurich.

• 25 days of annual leave + public holidays in the country where you are based.

• A generous referral scheme.

• Work from home set up.

• At Synthesia, you can work from anywhere (within reason) in the world for up to 60 days per year!

• A huge opportunity for career growth as you’ll help shape a market-defining product.

Expert Career Tips for Application Security Engineering Manager Roles

To succeed in a competitive market as a Application Security Engineering Manager, you need more than just technical skills. Here are some expert strategies to elevate your profile:

• Build a Strong Portfolio: For technical roles, a clean GitHub or a personal project site is essential. For non-technical roles, a case study portfolio demonstrating problem-solving and impact is equally valuable. Show, don't just tell, what you have achieved in your previous positions.
• Master the Narrative: When interviewing, use the STAR method (Situation, Task, Action, Result) to structure your answers. Quantify your results wherever possible—mentioning "increased efficiency by 20%" is much more impactful than saying "improved efficiency."
• Continuous Learning: The industry moves fast. Whether it's staying updated with the latest AI tools or mastering a new management methodology, continuous professional development is key. Consider obtaining industry-recognized certifications that align with Application Security Engineering Manager requirements.
• Networking: Connect with other professionals in similar roles. Join online communities, attend webinars, and engage in meaningful discussions on professional social networks. Often, the best opportunities come through referrals and community engagement.
• Soft Skills Matter: Communication, empathy, and leadership are often the deciding factors between two equally qualified technical candidates. Cultivate these skills as they are universally valued across all industries and seniority levels.

Additionally, research the specific company's culture and values. Tailoring your application to show how you align with their mission can significantly increase your chances of moving forward in the process.

Salary & Compensation

Salary not disclosed; typically competitive for the role.

Work Arrangement

Type: On-Site

Standard business hours at the office.

Comprehensive Application Strategy & Hiring Process

Applying for a new role is a marathon, not a sprint. Follow this strategic approach to maximize your success rate:

1. Initial Research & Tailoring

Don't send the same resume to every employer. Spend at least 30 minutes researching the company. Look for recent news, their product roadmap, and their team structure. Modify your summary and core competencies to reflect the specific keywords found in the job description.

2. The Perfect Cover Letter

If the application allows for a cover letter, use it to tell a story that your resume cannot. Explain why you are passionate about this specific company and how your unique background makes you the perfect fit for the challenges they are currently facing.

3. Navigating the Multi-Stage Interview

Most modern hiring processes involve 3-5 stages. This typically includes a recruiter screen, a technical or skill-based assessment, a peer interview, and a final leadership round. Prepare for each stage differently: focus on enthusiasm and fit for the recruiter, technical depth for the assessment, and strategic vision for the leadership round.

4. Post-Interview Follow-Up

Always send a personalized thank-you note within 24 hours of each interview. Reference a specific topic discussed during the call to demonstrate your active listening and genuine interest in the role.

By following these steps, you demonstrate a high level of professionalism and attention to detail that sets you apart from the average applicant.

Typical Interview Process

1. Resume screening
2. HR call
3. Skill interview
4. Final manager interview
5. Offer

Tip: Research the company's products and culture.

Global Market Intelligence & Relocation Insights

At JobSetuu, we specialize in helping talent navigate the global job market. Here is what you need to know about the current landscape in Global and beyond:

The demand for skilled professionals is increasingly borderless. For roles based in Global, understanding the local cost of living, visa requirements (if applicable), and cultural nuances is vital. If this is a remote role, consider the time zone alignment and the asynchronous communication culture of the hiring organization.

Relocation Support: Many forward-thinking companies offer relocation packages that include moving stipends, temporary housing, and legal assistance with work permits. When evaluating an offer, look beyond the base salary—consider the total compensation package, including equity, bonuses, and healthcare benefits.

Work-Life Balance Trends: Hybrid and remote work have become standard in many regions. Research the local labor laws and common practices regarding work hours and vacation time to ensure the role aligns with your lifestyle goals.

Leveraging JobSetuu's tools can help you compare salaries across different cities and understand the "purchasing power" of your potential offer, ensuring you make an informed decision for your long-term career path.

Skills & Competency Roadmap for Professional Development

To remain competitive in Professional Development, we recommend focusing on the following core competencies over the next 12-18 months:

• Technical Mastery: Deepen your expertise in the core tools and languages relevant to your field. For developers, this might be cloud architecture; for marketers, it might be data-driven attribution modeling.
• AI Augmentation: Learn how to leverage generative AI and automation tools to increase your productivity. Understanding how to integrate these technologies into your workflow is becoming a non-negotiable skill.
• Leadership & Strategy: Even in individual contributor roles, the ability to think strategically and lead projects from inception to completion is highly valued. Focus on stakeholder management and high-level project planning.
• Data Literacy: The ability to interpret data and use it to drive decisions is essential across all business functions. Familiarize yourself with data visualization and basic analytical concepts.

By investing in these areas, you not only prepare yourself for the role you are applying for today but also build a resilient foundation for the opportunities of tomorrow.

Apply via JobSetuu

Discover your next career milestone on JobSetuu. This Application Security Engineering Manager position is part of our commitment to bringing you the most relevant and high-impact job openings globally. At JobSetuu, we simplify your job search by aggregating premier listings and providing the tools you need to stand out. Don't miss the chance to elevate your professional journey—explore more opportunities and career insights on our platform today.