Manager, Application Security

Role Purpose

The purpose of this role is to lead information security for the CxM Practice Area, building on dentsu’s enterprise security maturity journey and embedding security capability directly into the Practice Area’s product and service operations.

• Strengthen security culture and capabilities within CxM.
• Embed security and risk considerations into relevant design and decision‑making processes.
• Provide security assurance and validation for key applications and services.

This role is responsible for understanding, assessing, and managing information security risk across the Practice Area. The role reports to the SVP Security (Global Practices) and works closely with colleagues across Security Architecture, Security Engineering, Dev Ops, and Cyber Operations to help secure client products and solutions.

• Lead information security for client solutions and Practice Area technology, partnering with stakeholders to deliver secure products and services to clients, including on‑premises and cloud infrastructure components.
• Embed security controls, patterns, and tooling into product and solution teams across all stages of the secure development lifecycle (SDLC), with a strong focus on shift‑left practices.
• Oversee security assurance for products and solutions, evaluating the implementation and effectiveness of security controls.
• Identify, assess, and manage security weaknesses, vulnerabilities, and risks from multiple sources (e.g. security testing, threat intelligence and audits), ensuring appropriate response and management of these issues (treatment plans, remediation actions, and risk acceptance where applicable).
• Lead Practice Area delivery of relevant global security and transformation initiatives, ensuring successful execution and alignment with Practice Area priorities and client requirements.
• Provide Practice Area incident support to Cyber Operations as a security subject matter expert (SME) for the business division and support investigations.
• Support client security requests, including (but not limited to) RFIs, audits and security questionnaires.

• Relevant security certifications or equivalent experience, e.g. CISSP, CISM (or similar).
• Experience in product/application security, including common security issues e.g. OWASP top 10.
• Experience across various security frameworks (e.g. ISO 27001, NIST CSF, SOC2).
• Demonstrated expertise in security risk assessment for technical products and solutions, including the ability to support design, development, and implementation of appropriate security controls.
• Good understanding of modern technologies, architectures, and engineering practices, including cloud‑native patterns, APIs, CI/CD, and Dev Ops ways of working.
• Broad knowledge across core security domains and principles, such as secure design.
• Strong SDLC knowledge with practical experience embedding security early (“shift left”) through patterns, controls, tooling, and consultancy.
• Excellent stakeholder management and interpersonal skills, able to influence and communicate effectively with both technical and non‑technical audiences.
• Excellent written and verbal communication skills, including producing clear security guidance, risk briefs, and assurance outcomes.
• Experience operating in a matrixed organisation, aligning and delivering across multiple teams, priorities, and stakeholders.
• Comfortable managing uncertainty, ambiguity, and change, making sound decisions and recommendations with incomplete information.
• Desirable: PCI / PCI DSS experience (advantageous).

The annual salary range for this position is $113,000 - $182,562. Placement within the salary range is based on a variety of factors, including relevant experience, knowledge, skills, and other factors permitted by law.

Benefits available with this position include:

• Medical, vision, and dental insurance
• Life insurance
• Short‑term and long‑term disability insurance
• 401(k)
• Flexible paid time off
• At least 15 paid holidays per year
• Paid sick and safe leave
• Paid parental leave

Location:

USA - Remote (Maryland). The role requires occasional in‑office presence as directed by the Company.

Dentsu is committed to providing equal employment opportunities to all applicants and employees. We do this without regard to race, color, national origin, sex, sexual orientation, gender identity, age, pregnancy, childbirth or related medical conditions, ancestry, physical or mental disability, marital status, political affiliation, religious practices and observances, citizenship status, genetic information, veteran status, or any other basis protected under applicable federal, state, or local law.

Dentsu is committed to providing reasonable accommodation to, among others, individuals with disabilities and disabled veterans. If you need an accommodation because of a disability to search and apply for a career opportunity with us, please send an e‑mail to Appli