Lead Application Security Engineer

Benefits

Additional Information

Position Overview At Apollo, we're a global team of alternative investment managers passionate about delivering uncommon value to our investors and shareholders. With over 30 years of proven expertise across Private Equity, Credit and Real Estate, regions and industries, we're known for our integrated businesses, our strong investment performance, our value-oriented philosophy - and our people. We are seeking a Director of Application Security to join Apollo's global Cyber Security & Risk team within Engineering. This leader will define and drive the firm's application security strategy-strengthening secure development practices, architecture, and runtime environments across a diverse, expanding portfolio. You will oversee the design and operation of a scalable application security program, partnering closely with engineering, security, and business teams to embed security throughout the software lifecycle. Primary Responsibilities Application Threat Modeling: Lead threat modeling for new and existing applications to identify risks, recommend mitigations, and ensure control alignment with enterprise standards. Application Design & Architecture: Guide teams in secure design principles, validate adherence to security controls, and ensure threat models inform architectural decisions. Secure SDLC Development & Implementation: Define and implement secure development lifecycle (SDLC) processes and tools-including SAST, SCA, and secret scanning-and drive adoption across development teams. Operationalization of Security Tools: Integrate and maintain security tooling to streamline analysis, reporting, and remediation workflows throughout the software lifecycle. Application Security Awareness & Enablement: Build and sustain a security champion program, fostering developer engagement and ensuring teams understand secure coding practices and delivery expectations. Application Security Testing: Conduct regular code reviews and application assessments to identify vulnerabilities and guide timely remediation. Governance, Risk, and Compliance: Establish governance frameworks to ensure compliance with internal security policies, industry standards, and regulatory requirements. Monitor, report, and continuously improve the firm's compliance posture. Qualifications & Experience 10+ years of hands-on experience in Application Security, with a strong background in software development (IDE/CLI environments). Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field. Demonstrated success partnering with software development teams to provide security oversight across complex application ecosystems. Proven expertise with IDEs, version control systems, CI/CD pipeline management, secure SDLC practices, and SaaS-based security tools (SCA, SAST, DAST) as well as application inventory management. Experience with Snyk and GitHub is highly desirable. Strong understanding of application architecture, security controls, cloud environments, and penetration testing methodologies. Exceptional collaboration and critical thinking skills, with the ability to operate effectively in a fast-paced, dynamic environment. Familiarity with leading security standards and frameworks (OWASP, NIST, ISO 27001, MITRE ATT&CK) and testing tools such as Burp Suite. Experience working within or alongside regulated industries (e.g., financial services) and understanding their impact on application security practices. Ongoing commitment to staying informed on emerging threats and trends to proactively enhance security measures. Professional certifications such as CISSP, CSSLP, CASE, GWEB, or MCSA/MCSE are strongly preferred About Apollo Apollo is a high-growth, global alternative asset manager. In our asset management business, we seek to provide our clients excess return at every point along the risk-reward spectrum from investment grade to private equity with a focus on three investing strategies: yield, hybrid, and equity. For more than three decades, our investing expertise across our fully integrated platform has served the financial return needs of our clients and provided businesses with innovative capital solutions for growth. Through Athene, our retirement services business, we specialize in helping clients achieve financial security by providing a suite of retirement savings products and acting as a solutions provider to institutions. Our patient, creative, and knowledgeable approach to investing aligns our clients, businesses we invest in, our employees, and the communities we impact, to expand opportunity and achieve positive outcomes. Our Purpose & Core Values Our clients rely on our investment acumen to help secure their future. We must never lose our focus and determination to be the best investors and most trusted partners on their behalf. We strive to be: The leading provider of retirement income solutions to institutions, companies, and individuals. The leading provider of capita

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Apollo? Share your experience