Application security manager: How AI changed the game

Lead the development and implementation of comprehensive network protection, and network-led monitoring projects and programs (e.g. to counter DDoS and man-in-the-middle attacks)

Lead the development of user account fraud protection projects and tooling,e.g. to counter typically new account opening fraud, phishing attacks, session hijacking, data theft, identity theft, etc.

Conduct regular security assessments and audits to identify vulnerabilities in applications and software (or plugin) updates. This is because regular posture and cybersecurity updates allow organizations to keep up with ever-changing threats.

Collaborate with development teams to integrate security practices and awareness, as early as possible in the design stages of software development life cycle. A best practice here is running threat modeling sessions with the team even before starting the implementation.

Incident response, mitigation and post-analysis: Operationally, application security managers are expected to respond to incidents as immediately as possible, some critical incidents requiring 24/7 responsibility. This includes alerting authorities, implementing immediate mitigation, and conducting post-mortem analysis.

Implementing preventive measures: Related to the point above, modern application security managers are also expected to continuously optimize their cybersecurity posture to prevent future incidents.

This remit is closely related to cybersecurity data management. Data collected enables forward-thinking, preventive decision-making that can positively influence a wider coherent digital strategy (product, SEO, architecture, etc.)

Ensure compliance with regulatory requirements: At minimum reach relevant cybersecurity standards, develop and enforce security policies, roles, governance, processes and procedures.

Research new technology & innovation: To know to a reasonable degree, the latest security trends, threats, and technologies to continuously enhance security framework.

Team management, mentoring, contingency planning: Future proofing cybersecurity, mentoring promising colleagues, building shared understanding, and planning contingency/succession. Foster a culture of security awareness.

Oversee the application security lifecycle, implementing security policies, and conducting security audits at the right point in time, e.g. before a major release or after a critical change.

Cyberpolicy, digital strategy advisory and strategy: Advise other departments because cybersecurity typically affects a variety of other corporate strategies such as your UX and product development, especially for SaaS companies. A hot topic is how modern AI-powered security can help in improving user experience instead of undermining it.

Budget & Resources planning: You may also be expected to have sound budget management skills, and basic TCO assessment of your cybersecurity stack, both in terms of Opex and Capex, as well as Upfront/Recurrent costs profile.

Bachelor's or Master’s degree in Computer Science, Cybersecurity, or related. However, cybersecurity has moved so fast recently that we see an ongoing weakening of this traditional criterion, in favor of hands-on experience.

Minimum of 5 years of experience in application security or a related cybersecurity role. This one may depend on the profile, some engineers with only 2-3 years in a specific type of cyber/fraud tech may well find work inside larger ICT/cyber teams.

Strong understanding of security policies, cryptography, authentication, authorization, security vulnerabilities, and remediation techniques. No one is expected to be an expert on every aspect of every fraud type, but sound fundamentals are required across the board.

Experience with security frameworks (e.g., OWASP Top 10, CWE/SANS Top 25, NIST SSDF) and security standards (e.g., ISO/IEC 27001, SOC2).

Proficient in using security software tools and vulnerability scanners.

Excellent leadership skills with the ability to manage and motivate a team.

Strong problem-solving skills and the ability to work under pressure.

Excellent verbal and written communication skills. Increasingly a critical requirement as the role includes more mentoring, involvement in design, strategy, and corporate wide programs.

Ability to build a scalable, fit for purpose holistic cybersecurity strategy and policy, that counters and/or mitigates all relevant types of cybersecurity threats.

Ability to surface cybersecurity data and trends, to keep ahead of the general cybersecurity race. Seeing different types of fraud modeled as metrics for your cybersecurity monitoring is useful to make better strategic decisions.

Experience with automated security tools from network monitoring to AI-led behavioral biometrics detection of fraudulent account usage. Scaling cybersecurity has quickly become a must-have skill for most cybersecurity roles, belying the critical role of adaptability and scaling cyber defenses to a growing, changing threat.

Ability to provide a holistic view of entire cybersecurity posture and strategy, across all threat types and tools, preferably in an integrated software such as security platform wazuh.com (which can also be called an application security manager)

Ability to customize cybersecurity policies to support UX: A benefit of AI-led security tools such as behavioral biometrics fraud detection is its non-disruptive, continuous monitoring in the background, which is not triggered if the user profile shows normal behavior with no signs of fraud.

Integration of security at the development phase: Whenever a new software product or feature is being built, best practice is for application security managers to get increasingly involved (consulted) during design stages. This often involves performing threat modeling exercises to highlight potential threats and mitigations available to the team.

Certifications such as CISSP, CISM, or GIAC are highly desirable.

Experience in programming languages, such as Java, Python, TypeScript, or C#.

Prior experience with cloud security and technologies (AWS, Azure, Google Cloud).

Prior experience with cross-functional teams and programs (with design, software, architecture and product teams chiefly)

Scaling defenses easily / in real time: Extreme ease of configuration for a nuanced cyber posture. Scaling and customizing cybersecurity, for say, a specific use case or an extremely high profile project.

Providing a holistic view of the cybersecurity program, threats, protection and tools, events and trends. AI can analyze very large amounts of data, easily visualized in open source cybersecurity platforms such as wazuh.com

AI allows for immediate response, risk and cost mitigation: AI-led cybersecurity can often prevent fraud before it happens, compared to reactive cybersecurity tools. If a cyberattacker buys a fraudulent token on the dark web, hijacks a user session and tries for a fraudulent transaction, he will quickly leave a trail of usage signals (IP, device, keystroke speed, etc.) clashing with the profile of the account owner. AI behavioral biometrics can mitigate immediately, depending on configuration, to freeze an account before the fraudulent path/transaction can be completed, slashing financial risk (platform and user).

AI allows for much finer trend analysis, leading to “predictive” cybersecurity program management, helping organizations control their cybersecurity and staying ahead of the curve in the longer run.