• Manage a world-class Application Security team and drive their continued success.
• Collaborate with colleagues in Product Development to ensure that software products and features are built and deployed securely.
• Lead and improve upon AppFolio’s robust Threat Modeling process.
• Identify and mitigate software vulnerabilities in AppFolio products.

• Demonstrates a servant leadership mindset to build and maintain an engaged and high-performing team. 
• Asks the right questions, collects and analyzes information, problem-solves, and makes clear, consistent decisions. Manages through ambiguity.
• Makes decisions in a timely manner, sometimes with incomplete information and under pressure, based upon a mixture of analysis, wisdom, experience, and judgment.
• Speaks and writes clearly and articulately without being overly verbose or talkative.
• Is a team player and easily gains trust and support of peers.  Develops and uses collaborative relationships to facilitate the accomplishment of work.

• 3 or more years experience on a high-performing Application Security team
• 1 or more years experience as a manager of technical employees
• Hands-on experience identifying, rating, and triaging web application security vulnerabilities (such as the OWASP Top Ten)
• Hands-on experience with security testing tools and technologies (e.g., SAST, DAST, SCA)
• Hands-on experience with web application penetration testing tools (e.g., Burp Proxy Suite, OWASP ZAP)

• Formal education in Information Security, Computer Science, Software Engineering, or Information Systems.
• Experience working with large-scale Ruby on Rails applications.
• Experience with Software maturity frameworks (e.g. OWASP SAMM)

Please note that base pay is one important aspect of a compelling Total Rewards package. The base pay range indicated here does not include any additional benefits or bonuses/commissions that you may be eligible for based on your role and/or employment type.

Regular full-time employees are eligible for benefits - see here.