Kforce is seeking a dynamic and experienced Senior Manager of Application Security to lead a high-performing team of application security engineers in Atlanta, GA. This role is critical to the security and integrity of Kforce's global suite of custom-built and third-party applications. The Senior Manager of Application Security will be responsible for ensuring secure development practices, overseeing dynamic application testing, managing web application firewalls, and establishing modern security standards for APIs and software development across the enterprise.
Summary:
As a hands-on leader, you will embed security throughout the software development lifecycle and partner closely with engineering teams to align security initiatives with business and technical goals. You will lead the charge in protecting Kforce's platforms from evolving threats, safeguarding both enterprise and customer-facing solutions. This role reports directly to the Director of Cybersecurity Software Engineering.
Key Responsibilities:
* Lead and mentor a team of application security engineers focused on identifying and mitigating vulnerabilities across internal and external applications
* Develop and enforce secure coding practices and risk-based controls integrated into development workflows and DevSecOps pipelines
* Oversee the configuration, tuning, and management of Web Application Firewalls (WAF) protecting public-facing web assets
* Direct manual and automated application security testing efforts, including oversight of third-party penetration testing providers
* Manage the responsible disclosure process, coordinating communication with external researchers to validate and remediate vulnerabilities
* Collaborate with cross-functional teams, ensuring security policies and procedures are effectively applied across platforms and services
* Participate in cybersecurity incident response activities and post-mortem reviews to enhance detection and prevention capabilities
* Bachelor's degree in Computer Science, Cybersecurity, or a related field (or equivalent experience)
* 8+ years of professional experience, with at least 6 years in cybersecurity and 3 years in a formal leadership capacity
* Strong hands-on expertise in secure software development, static and dynamic code analysis, WAF management, and API security
* Proficiency in Python, with additional experience in languages such as Java, JavaScript (React/Node), C#, Go, or PHP
* Proven experience building and implementing secure coding standards and influencing architectural decisions across engineering teams
* Strong communication and collaboration skills, with the ability to clearly explain complex security topics to technical and executive stakeholders
* Demonstrated ability to lead teams, manage priorities, and deliver in fast-paced enterprise environments
Preferred Qualifications:
* Industry certifications such as CISSP, CISM, CEH, OSCP, or AWS/Azure certifications are a plus
* Experience securing applications in large-scale, multi-cloud environments (AWS, Azure, or GCP)
* Familiarity with the AWS Well-Architected Framework and secure cloud architecture design
* In-depth knowledge of IAM, cryptography, secrets management, OAuth, SAML, and modern access control protocols
* Experience with Agile, DevSecOps practices, and containerized deployments (e.g., Kubernetes, ECS, EKS, Lambda)
* Hands-on knowledge of network security concepts and security technologies like firewalls, edge services, and DMZ architectures
* Exposure to regulated industries (e.g., finance, healthcare, telecommunications, defense) and compliance frameworks such as NIST, ISO 27001, GDPR, FFIEC, or GLBA
* Background in consulting (Big Four) or large-scale enterprise environments is highly desirable