Vice President, IT Application Security

Vice President, IT Application Security – Corebridge Financial

Join to apply for the Vice President, IT Application Security role at Corebridge Financial
.

At Corebridge Financial, we believe action is everything. That’s why every day we partner with financial professionals and institutions to make it possible for more people to take action in their financial lives, for today and tomorrow.

We align to a set of values that are the core pillars defining our culture and helping bring our brand purpose to life.

• We are stronger as one:
  We collaborate across the enterprise, scale what works and act decisively for our customers and partners.
• We deliver on commitments:
  We are accountable, empower each other and go above and beyond for our stakeholders.
• We learn, improve and innovate:
  We get better each day by challenging the status quo and equipping ourselves for the future.
• We are inclusive:
  We embrace different perspectives, enabling our colleagues to make an impact and bring their whole selves to work.

The VP, IT Application Security will lead and provide day-to-day oversight and coordination across the IT Security Application Security Teams for cybersecurity projects. The role will manage onboarding of applications to the SAST/DAST application code scanning platform, work with the Software Security Assessment (SSA) Team to ensure application portfolios adhere to standards and recertification cadence, and serve as a subject‑matter expert/technical mentor in translating application security requirements.

• Integrate SAST, SCA, and other automated security tools into CI/CD pipelines (Git Hub Actions, Git Lab, Jenkins, Azure Dev Ops).
• Partner with development teams to embed security in the design and build phases, ensuring vulnerabilities are identified and fixed early.
• Configure, tune, and maintain SAST, SCA, and dependency‑scanning tools for accurate results and minimal false positives.
• Provide actionable remediation guidance and train developers on secure coding.
• Conduct lightweight penetration testing and threat modeling for web and API applications to complement automated scanning.
• Collaborate with Dev Ops and cloud engineering teams to build security guardrails around containers, infrastructure as code, and APIs.
• Track, measure, and report on vulnerability metrics, remediation SLAs, and KPIs.
• Continuously research new security tools, automation methods, and industry best practices for improving Dev Sec Ops  maturity.

• 3–5 years of experience in Application Security or Dev Sec Ops  roles.
• Strong hands‑on experience with SAST tools (e.g., Checkmarx, Veracode, Fortify).
• Solid knowledge of SCA tools (e.g., Snyk, Black Duck, White Source, Dependency‑Check).
• Practical experience integrating security scans into CI/CD pipelines.
• Familiarity with secure SDLC, OWASP Top 10, API Security Top 10, CWE/SANS.
• Strong scripting/automation skills (Python, Bash, or Power Shell).
• Excellent ability to interpret scan results, reduce noise, and communicate findings effectively to developers.

The anticipated salary range for this position is $140,000 to $165,000 at the commencement of employment for the Jersey City, NJ area. The actual compensation offered will ultimately depend on multiple factors, including geographic location, skills, experience and other qualifications. In addition, the position is eligible for a discretionary bonus in accordance with the terms of the applicable incentive plan.

• Health, dental and vision insurance plans and mental health support and wellness initiatives.
• Retirement savings:
  Competitive 401(k) Plan with up to 6% company match and 3% additional contribution.
• Employee Assistance Program with confidential counseling services.
• Matching charitable donations 1:1 up to $5,000.
• Volunteer Time Off: up to 16 hours annually.
• Paid Time Off: at least 24 PTO days.

This position is based in Corebridge Financial’s Houston, TX, Durham, NC, or Jersey City, NJ office and is subject to our hybrid working policy, which gives colleagues the benefits of working both in an office and remotely.

May include up to 25% travel.