Application Security Testing Manager

Application Security Testing Manager

Choosing where to start and grow your career has a major impact on your professional and personal life, so it’s equally important you know that the company you choose to work at, and its leaders, will support and guide you. With a variety of people, global locations, technologies, and products, 3M is a place where you can collaborate with other curious, creative 3

Mers.

Impact You’ll Make in this Role

As an Application Security Testing Manager, you will lead the strategy, execution, and continuous improvement of application security practices across 3M’s global application portfolio. This role supports the secure enablement of the software development lifecycle (SDLC) by helping confirm that application risks are identified, prioritized, and addressed in alignment with enterprise risk management objectives.

• Lead and mentor a team of application security engineers and analysts.
• Define and maintain the 3M application security testing strategy, roadmap, and operating model.
• Partner with application development, platform, and product teams to integrate security into SDLC and CI/CD pipelines.
• Oversee third‑party application security vendors, tooling, and testing engagements.
• Establish governance, standards, and metrics for application security testing programs.
• Oversee application security testing programs including SAST, DAST, SCA, and manual code review.
• Promote secure design practices through threat modeling and architecture reviews.
• Guide remediation of application vulnerabilities in collaboration with development teams.
• Leverage enterprise tooling (e.g., SAST/SCA platforms, Azure Dev Ops, Git Hub) to support secure development workflows.
• Monitor emerging application security threats and adjust controls accordingly.
• Collaborate with vulnerability management, detection engineering, and incident response teams to align application risk handling.
• Communicate application security risk posture to leadership through dashboards and management reporting.
• Support audit, compliance, and regulatory activities by providing application security program evidence and metrics.
• Promote secure coding culture through training, standards, and developer engagement.

Minimum qualifications:

• Bachelor’s degree in Cybersecurity, Computer Science, or related field (completed and verified prior to start).
• Five (5) years of experience in application security or secure software development in a private, public, government or military environment.

• Strong knowledge of application security principles and SDLC integration.
• Experience with OWASP Top 10, NIST, and secure design practices.
• Proven leadership and stakeholder management skills.
• Ability to translate technical risk into business impact.
• Familiarity with cloud‑native application architectures.
• Certifications such as CISSP, CSSLP, or GWAPT are valued.

Work location:

Austin, TX

Relocation Assistance:
Yes

Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).

3M offers programs to support your well‑being, including competitive pay and a range of benefits. Compensation range: $188,251 – $230,084 (base pay plus variable incentive pay, if eligible).

3M does not discriminate in hiring or employment on the basis of race, color, sex, national origin, religion, age, disability, veteran status, or any other characteristic protected by applicable law.