Manager/Principal Cyber Security Engineering en Sabre
Sabre · Dallas, Estados Unidos De América · Hybrid
- Senior
- Oficina en Dallas
Sabre is a technology company that powers the global travel industry. By leveraging next-generation technology, we create global technology solutions that take on the biggest opportunities and solve the most complex challenges in travel.
Positioned at the center of the travel, we shape the future by offering innovative advancements that pave the way for a more connected and seamless ecosystem as we power mobile apps, online travel sites, airline and hotel reservation networks, travel agent terminals, and scores of other solutions.
Simply put, we connect people with moments that matter.
Manager of Application Security
Position Description
As the Manager (or Principal since this is a very technical leadership role) of Application Security, you will lead a team of skilled security professionals dedicated to protecting Sabre’s applications and data. In conjunction with the security architecture team, you will drive the strategy and execution of application security initiatives and continuous automation, ensuring robust protection against evolving threats and reduction of developer toil. This role requires expertise in application security and developing secure software solutions, and a leadership mindset that values a happy, healthy, and high-performing innovative team culture—where fun and focus go hand in hand.
Role and Responsibilities:
- Report to the Director of Application Security, Vulnerability Management, and SOAR.
- Collaborate with your leader and security architects to understand, establish and execute the application security strategy.
- Lead, mentor, and develop a team of application security engineers and analysts.
- Foster a culture of continuous improvement, knowledge sharing, and professional development within the team.
- Lead application security practices, including SAST/DAST/SCA scanning, onboarding, and support (e.g., Veracode or similar tools), and vulnerability management.
- Oversee manual and automated application penetration testing, vulnerability assessments, and remediation efforts across the SDLC and CI/CD pipelines.
- Own the application security roadmap, set team goals, and track key performance indicators (KPIs) for security posture improvement.
- Participate in security incident response, audit remediation, and application-based access control reviews.
- Lead or participate in threat modeling sessions for new applications and features.
- Integrate security checks into CI/CD workflows (e.g., secrets scanning, dependency checks, container scanning).
- Collaborate with developers and DevOps to implement secure build and deployment practices and drive adoption of automated security tools.
- Ensure that security gates do not hinder velocity but maintain compliance.
- Establish and maintain application security standards, baselines, and processes (e.g., Sabre internal policy/standards, OWASP, SANS, CERT, NIST).
- Provide subject matter expertise in secure coding, application architecture reviews, and threat modeling.
- Maintain audit readiness and documentation for application environments.
- Coordinate with global outsourcers and vendors to ensure consistent security practices and effective risk management.
- Maintain comprehensive documentation of security processes, findings, and best practices.
- Communicate security risks, strategies, and progress to executive leadership and stakeholders.
Qualifications and Education Requirements:
- Bachelor’s degree in Computer Science, Information Security, or related field.
- 7+ years of experience in application security, software engineering, including 1+ years in a leadership role.
- Strong background in software development and secure coding practices
- Experience coding in at least some of the following languages… Java, .Net, C#, C++, Golang, PHP, Ruby, other scripting languages.
- Some proficiency with SAST/DAST/SCA tools (e.g., Veracode), application inventory management, and security frameworks.
- Some hands-on experience with manual penetration testing, vulnerability assessment, and remediation.
- Experience working with global outsourcers and managing third-party security engagements.
- Excellent written and verbal communication skills; ability to present complex security topics to technical and non-technical audiences.
- Demonstrated ability to manage multiple projects, prioritize tasks, and drive results.
Nice to Have Qualifications:
- Experience with machine learning/AI for security automation and anomaly detection.
- Experience with cloud security, automation tools, and CI/CD pipeline integration.
- Experience with tools like Terraform, Ansible, Jenkins, GitHub Actions, GitDocs
- Experience with SNOW, RSA Archer.
- Knowledge of distributed architecture, high-availability systems, and capacity planning.
- Advanced degree (MS, MBA) or additional leadership training.
- Relevant certifications: Certified Ethical Hacker (CEH), OSCP, CISSP, GWAPT, GSSP, CASE, CSSLP, CCSP.
Reasonable Accommodation
Sabre is committed to working with and providing reasonable accommodation to applicants with disabilities. Applicants applying for a Sabre position with a disability who require a reasonable accommodation for any part of the application or hiring process may contact Sabre at [email protected].
Determinations on requests for reasonable accommodation will be made on a case-by-case basis.
Affirmative Action
Sabre is an equal employment opportunity/affirmative action employer and is committed to providing employment opportunities to minorities, females, veterans and disabled individuals. EEO IS THE LAW
#LI-Hybrid#LI-DA1 Solicitar ahora 
			 
			 
			 
			