Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy
Jobs / Job page
Head of Application Security image - Rise Careers
Job details

Head of Application Security

The Company 

Serving the People Who Serve the People 


Granicus is driven by the excitement of building, implementing, and maintaining technology that is transforming the Govtech industry by bringing governments and its constituents together. We are on a mission to support our customers with meeting the needs of their communities and implementing our technology in ways that are equitable and inclusive. Granicus has consistently appeared on the GovTech 100 list over the past 5 years and has been recognized as the best companies to work on BuiltIn.  


Over the last 25 years, we have served 5,500 federal, state, and local government agencies and more than 300 million citizen subscribers power an unmatched Subscriber Network that use our digital solutions to make the world a better place. With comprehensive cloud-based solutions for communications, government website design, meeting and agenda management software, records management, and digital services, Granicus empowers stronger relationships between government and residents across the U.S., U.K., Australia, New Zealand, and Canada. By simplifying interactions with residents, while disseminating critical information, Granicus brings governments closer to the people they serve—driving meaningful change for communities around the globe. 

Want to know more? See more of what we do here.  


Granicus is looking for a Head of Application Security. Granicus is the largest cloud solutions provider for government and provides technology that empowers government organizations to create better lives for the people they serve.

 

The Head of Application Security (AppSec) will be responsible for all practices and technologies required to drive continuous improvement of secure software development practices across the enterprise.  This role will work closely with security and technology teams to continuously evolve SDLC standards, implement necessary technologies to enable a complete secure SDLC, and work with software development as necessary to support them in improving the security posture of their code.

 

The Head of Application Security must be collaborative in nature, acting as a true enabler of the business and partner to technology leaders and teams, able to drive security outcomes through influence, and relentlessly focused on establishment of a security-first culture across the company.


What your impact will look like:
  • Accountable for definition and establishment of security components of SDLC policies and standards.
  • Work with Software Engineering teams to implement necessary technologies to enable appropriate security controls (e.g., SAST, DAST)
  • Develop metrics and reporting pertaining to application security, facilitate any reporting and governance forums as necessary.
  • Work with software development teams to answer any questions, help interpret security testing results, and provide any other support and education to aide with continuous improvement of development practices.
  • Work with external parties as necessary to conduct security testing (e.g., penetration testing)
  • Accountable for integration of newly acquired companies into all application security processes.
  • Act as escalation point for security incident response and investigation, as appropriate, pertaining to application development matters.
  • Provide security design/solution support for new application architecture development.
  • Other duties as assigned.


You'll love this job if you have:
  • 5+ years of Information Security and Information Technology experience.
  • 5+ years in Software Development, including in leadership positions.
  • Broad knowledge across all relevant facets of a holistic, modern application security program, including strong understanding of current and emerging trends and threats.
  • Demonstrated track record of efficient, scaled delivery with small teams, directly taking on and providing deliverables.
  • Strong understanding of common security and privacy frameworks and regulations (NIST 800-53, GDPR).
  • Strong technical aptitude and ability to discuss complicated security/development technical concepts with engineers
  • Demonstrated experience with representing security controls to external auditors and/or customers.
  • Excellent executive presentation and communication skills.
  • Ability to lead through influence, including at executive levels.


$150,000 - $200,000 a year

 

Don’t have all the skills/experience mentioned above? At Granicus, we are trying to build diverse, inclusive teams. We do not have degree requirements for most of our roles. If you don’t meet every requirement above but are excited to learn more, we encourage you to apply. We might just be able to find another role that could be a perfect fit! 


Security and Privacy Requirements

-     Responsible for Granicus information security by appropriately preserving the Confidentiality, Integrity, and Availability (CIA) of Granicus information assets in accordance with the company's information security program.

-     Responsible for ensuring the data privacy of our employees and customers, their data, as well as taking all required privacy training in a timely manner, in accordance with company policies.

The Team

- We are a remote-first company with a globally distributed workforce across the United States, Canada, United Kingdom, India, Armenia, Australia, and New Zealand.


The Culture

- At Granicus, we are building a transparent, inclusive, and safe space for everyone who wants to be

a part of our journey.

- A few culture highlights include – Employee Resource Groups to encourage diverse voices

- Coffee with Mark sessions – Our employees get to interact with our CEO on very important and

sometimes difficult issues ranging from mental health to work-life balance and current affairs. 

- Microsoft Teams communities focused on wellness, art, furbabies, family, parenting, and more.-=- - We bring in special guests from time to time to discuss issues that impact our employee

population 


The Impact

- We are proud to serve dynamic organizations around the globe that use our digital solutions to make the world a better place — quite literally. We have so many powerful success stories that illustrate how our solutions are impacting the world. See more of our impact here.


The Benefits 


At Granicus, we offer a competitive benefits package that allows employees to tailor benefits to their needs. Benefits listed below are for employees based in the U.S.


- Flexible Time Off

- Medical (includes an option that is paid 100% by Granicus!), Dental & Vision Insurance

- 401(k) plan with matching contribution

- Paid Parental Leave

- Employer-paid Short and Long Term Disability Insurance, Group Term Life Insurance and AD&D Insurance

- Group legal coverage 

- And more!


 

Granicus is committed to providing equal employment opportunities. All qualified applicants and employees will be considered for employment and advancement without regard to race, color, religion, creed, national origin, ancestry, sex, gender, gender identity, gender expression, physical or mental disability, age, genetic information, sexual or affectional orientation, marital status, status with regard to public assistance, familial status, military or veteran status or any other status protected by applicable law. 

Granicus Glassdoor Company Review
3.5 Glassdoor star iconGlassdoor star iconGlassdoor star icon Glassdoor star icon Glassdoor star icon
Granicus DE&I Review
No rating Glassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star icon
CEO of Granicus
Granicus CEO photo
Mark Hynes
Approve of CEO

Average salary estimate

$175000 / YEARLY (est.)
min
max
$150000K
$200000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Head of Application Security, Granicus

Are you ready to take on a pivotal role in the world of application security? Granicus, a front-runner in GovTech solutions, is seeking a Head of Application Security to lead our efforts in securing software development practices across our enterprise. In this position, you'll collaborate closely with various teams to enhance our secure software development lifecycle (SDLC) standards and implement essential technologies. You'll be the guiding force, facilitating security outcomes and fostering a robust security-first culture at Granicus. Embrace the opportunity to oversee security policies, collaborate with software engineering teams on effective security controls, and drive continuous improvement in our application security landscape. Your responsibilities will also include managing external security testing, providing support during security incidents, and offering expert guidance on new application architectures. We’re looking for someone with at least 5 years of experience in Information Security and Software Development, who has strong leadership skills and a deep understanding of application security programs. If you thrive in collaborative environments and are passionate about driving meaningful change, this is the perfect opportunity for you! Join Granicus in our mission to connect governments with their communities and make the world a better place. Explore more about us and see how your impact as Head of Application Security can contribute to our incredible work!

Frequently Asked Questions (FAQs) for Head of Application Security Role at Granicus
What are the key responsibilities of the Head of Application Security at Granicus?

The Head of Application Security at Granicus is accountable for establishing and defining security components of SDLC policies and standards. This role involves closely working with software engineering teams to implement necessary technologies and security controls while also facilitating metrics and governance pertaining to application security. The position integrates security practices from newly acquired companies and serves as an escalation point for security incidents related to application development.

Join Rise to see the full answer
What qualifications are needed for the Head of Application Security position at Granicus?

To qualify for the Head of Application Security role at Granicus, candidates should have over 5 years of experience in Information Security and Software Development, particularly in leadership roles. A strong grasp of modern application security programs, security frameworks, and the ability to communicate effectively with both security and technology teams is essential. Candidates should also demonstrate experience with external security audits and possess excellent presentation skills.

Join Rise to see the full answer
How does the Head of Application Security contribute to Granicus's mission?

As the Head of Application Security at Granicus, you will play a critical role in upholding our mission of connecting governments with their constituents by ensuring that our applications are securely developed and maintained. This role is crucial in establishing a security-first culture, allowing us to confidently introduce innovative technologies that enhance government services and positively impact communities.

Join Rise to see the full answer
What does the application security team culture look like at Granicus?

At Granicus, the application security team thrives in a supportive and collaborative environment. Team members work together to foster a shared understanding of security best practices, contributing to the overall goal of improving application security. Through participation in company-wide initiatives and active engagement in wellness and inclusivity programs, the team upholds Granicus's commitment to creating a diverse and safe workplace.

Join Rise to see the full answer
What career development opportunities does Granicus provide for the Head of Application Security?

Granicus is dedicated to employee growth and offers numerous career development opportunities for the Head of Application Security. These opportunities include comprehensive training programs, mentorship from industry leaders, and participation in global conferences that enhance professional skills in security and technology. Additionally, Granicus supports lateral movements and internal promotions to ensure employees continue to grow within the organization.

Join Rise to see the full answer
Common Interview Questions for Head of Application Security
Can you describe your experience with secure software development practices?

When answering this question, emphasize your understanding and practical experience of secure software development practices, such as threat modeling, secure coding standards, and the integration of security testing tools into the SDLC. Use specific examples from your past roles to demonstrate successful implementations.

Join Rise to see the full answer
How do you handle security incident responses in application security?

Discuss your approach to security incident responses, including protocols for escalation, investigation, and remediation. Share examples from previous experiences where you've efficiently managed security incidents and the lessons learned from those situations.

Join Rise to see the full answer
What strategies do you use to foster a security-first culture among development teams?

Highlight your strategies for promoting a security-first culture, such as regular training, cross-department workshops, and the implementation of enjoyable security awareness campaigns. Mention how collaboration and open communication can create an environment where teams prioritize security.

Join Rise to see the full answer
Can you explain the importance of metrics and reporting in application security?

Discuss how metrics and reporting are crucial for demonstrating the effectiveness of security initiatives and identifying weaknesses. Highlight specific metrics you believe should be tracked and how they can inform stakeholders of security posture improvements.

Join Rise to see the full answer
What challenges have you faced in implementing application security standards?

Be prepared to discuss specific challenges you've encountered, such as resistance from development teams, synchronization issues across teams, or keeping up with emerging security threats. Provide insight into how you successfully navigated these challenges and the strategies you employed.

Join Rise to see the full answer
How do you ensure compliance with security regulations while managing application security?

Talk about your experience working with and applying security frameworks like NIST 800-53 or GDPR. Discuss how you integrate compliance into development processes and work closely with legal and compliance teams to ensure all regulations are met.

Join Rise to see the full answer
Can you provide an example of a successful security remediation project you led?

Share a success story about a security remediation project, detailing your role, the objectives, the approach you took, and the measurable outcomes of the project. This will illustrate your ability to lead and effectively implement security solutions.

Join Rise to see the full answer
How do you stay current with the latest trends and threats in application security?

Explain your methods for staying updated on industry trends, such as attending conferences, participating in webinars, reading industry publications, and engaging with the security community. Emphasize your commitment to continuous learning and adapting strategies based on evolving threats.

Join Rise to see the full answer
What tools and technologies do you consider essential for application security?

Discuss the various tools and technologies you believe are essential, such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and security monitoring solutions. Provide reasoning for your choices based on effectiveness and integration with development environments.

Join Rise to see the full answer
How do you approach collaboration with other departments, such as software development, legal, and IT?

Highlight your communication and collaboration skills, mentioning how you foster strong relationships with different teams to ensure alignment on security goals. Describe approaches to encourage teamwork, information sharing, and collective problem-solving.

Join Rise to see the full answer
Similar Jobs
Photo of the Rise User
Granicus Remote Costa Rica (Remote)
Posted 10 days ago

Join Granicus as a Communications Coordinator, where you'll drive innovative communication strategies for government clients in a remote-first environment.

Photo of the Rise User
Posted 11 days ago

Join Granicus in a remote Account Executive role focused on driving sales in the tourism sector with innovative digital solutions.

Photo of the Rise User
Anduril Industries Hybrid Sydney, New South Wales, Australia
Posted 4 days ago

Join Anduril Industries as a Solutions Architect and be at the forefront of transforming military capabilities with advanced technology.

Photo of the Rise User

Join Peraton as a Systems Administrator and play a pivotal role in supporting the Special Operations Command in maintaining critical IT infrastructure and services.

Photo of the Rise User
Posted 5 days ago

Join OCT Consulting as a STIG Compliance Specialist, where you'll play a key role in supporting the security compliance for the United States Air Force.

Photo of the Rise User
Daniel Defense Hybrid US, Bryan County, GA; Georgia, Black Creek, GA
Posted 7 days ago

As an IT Systems Engineer at Daniel Defense, you'll lead IT infrastructure initiatives while managing a talented team for a leading firearms manufacturer.

Photo of the Rise User
Posted 3 days ago

Elevate New York City's data infrastructure as a Senior Technical Lead at the Office of Technology and Innovation, shaping solutions that impact millions.

Photo of the Rise User
Posted 6 days ago

As the IT Business Systems Manager for Quality Systems, you will ensure compliance and operational efficiency for GxP-regulated platforms.

Photo of the Rise User
LegalMatch.com Remote No location specified
Posted 7 days ago

Join LegalMatch as a Mid-Level DevOps Engineer and contribute to enhancing cloud infrastructure and automating processes within a dynamic legal tech environment.

Photo of the Rise User
Posted 5 days ago

Join Cooper-Standard Automotive as a Lead System Analyst to provide technical leadership and support for their Seeburger application architecture.

Granicus is a leading provider of a platform of solutions that make digital government possible to more than 6,000 government agencies, including 850 state departments across the U.S., U.K., Australia, New Zealand, and Canada.

191 jobs
MATCH
Calculating your matching score...
BADGES
Badge ChangemakerBadge Diversity ChampionBadge Family FriendlyBadge Work&Life Balance
FUNDING
SENIORITY LEVEL REQUIREMENT
TEAM SIZE
EMPLOYMENT TYPE
Full-time, remote
DATE POSTED
March 20, 2025

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!
LATEST ACTIVITY
Photo of the Rise User
Someone from OH, Solon just viewed Graphic Designer at Applause
Photo of the Rise User
Someone from OH, North Canton just viewed NodeJs developer at BlackStone eIT
Photo of the Rise User
Someone from OH, North Canton just viewed Software Development Engineer - Recent Grads Welcome at Sonos
Photo of the Rise User
16 people applied to SOC Analyst I at CBIZ
Photo of the Rise User
Someone from OH, Dayton just viewed Data Entry and Word Processing at MoxieIT
Photo of the Rise User
Someone from OH, Dayton just viewed Content Developer - Intern at Big Ideas Learning
Photo of the Rise User
Someone from OH, Pickerington just viewed Salesforce Lead at Bounteous
Photo of the Rise User
Someone from OH, Pickerington just viewed Industry Lead - High Tech (Salesforce) at Thunder
D
Someone from OH, Akron just viewed Junior Motion Designer at DEPT®
R
Someone from OH, Akron just viewed 2D Graphic and Motion Designer at Ruby Labs
Photo of the Rise User
Someone from OH, Columbus just viewed Customer Success Manager, US SLED at Dataminr
Photo of the Rise User
Someone from OH, Greenville just viewed Systems Engineer (Linux & Shell or Python scripting) at Visa
Photo of the Rise User
Someone from OH, Greenville just viewed Help Desk Technician - Youngstown at R.I.T.A.