Ready to join a team that’s all in? At Imprivata, we deliver unified access and security management programs that eliminate friction, empowering healthcare and mission-critical organizations to work smarter, faster, and more securely.
We believe work can be more than a job or task—it’s a collective spirit; the type that emboldens creativity, embraces challenge, and fosters excitement. We are constantly raising the bar on what’s possible, owning the outcome of our triumphs and trials, staying nimble amidst change, and cultivating an environment where we win together. Here, your ideas matter, your differences are celebrated, and your work drives real results—for your career, your teammates, and our customers.
When you join Imprivata, you embark on a shared journey of ambition and growth. We’re committed to building an inclusive workplace where everyone feels valued and supported. If you’re looking for a place to match your passion with purpose—and where every day you can make an impact—you’ll find it here.
We are seeking a Senior Manager, Application Security to join our team. This is a hybrid opportunity based out of our Waltham, MA office.
Job Summary
Duties and Responsibilities
- Lead and scale the application security program across products, embedding secure-by-design and shift-left practices throughout the SDLC.
- Manage, mentor, and set direction for the AppSec team, including priorities, goals, and operating cadence.
- Act as a senior technical authority on secure architecture, coding, threat modeling, vulnerability management, and remediation.
- Define and drive the roadmap for AppSec tooling and automation, including implementation, adoption, and optimization.
- Integrate security controls into engineering workflows, CI/CD pipelines, code reviews, and release processes.
- Oversee penetration testing programs, validate findings, and ensure timely, accountable remediation.
- Develop and report on AppSec metrics, dashboards, and executive-level insights on risk and program maturity.
- Promote security awareness through training, guidance, and active engagement with engineering and product teams.
- Support incident response and investigations, providing leadership on containment, root cause, and corrective actions.
- Collaborate cross-functionally and act as a player-coach, influencing leaders while balancing strategic direction with hands-on execution and staying current on emerging threats.
- Other duties as assigned and required.
Required Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, Information Systems, or a related technical discipline.
- 8+ years of relevant experience in application security, product security, or software security, including 2+ years leading and developing a team.
- 3+ years of prior software development, software quality, DevOps, security engineering, penetration testing, or similarly technical experience that enables credible partnership with engineering teams.
- Demonstrated experience leading or scaling an application security program in a product or software-driven environment.
- Deep working knowledge of secure SDLC practices, vulnerability management, threat modeling, code review concepts, application security testing methodologies, and remediation prioritization.
- Experience implementing and operating AppSec tools such as SAST, DAST, SCA, secrets scanning, container or IaC scanning, API security tooling, or related developer-facing security platforms.
- Strong written and verbal communication skills, including the ability to present security tradeoffs and program metrics to technical teams, senior leadership, and external partners.
- Experience with common security, privacy, and compliance frameworks relevant to software products, such as OWASP guidance, PCI DSS, SOC 2, ISO 27001, HIPAA, or similar standards.
- Experience evaluating or applying generative AI in the context of AppSec, secure development, security review, developer enablement, or vulnerability analysis.
- Experience leading AppSec in multi-product SaaS or highly regulated environments, with strong exposure to customer and third-party security assessments.
- Hands-on expertise in cloud-native and API security, CI/CD tooling, and integrating security into developer workflows.
- Proven ability to build security metrics, governance, and executive reporting, supported by relevant industry certifications (e.g., CISSP, CSSLP, CISM, CCSP).
This position offers a total compensation range of $230,000.00 to $240,500.00 (inclusive of base salary and variable compensation, such as bonuses and incentives). In addition, more information about Imprivata’s benefit offerings can be found here. This range represents the high and low end of Imprivata’s compensation range for this position. Actual compensation will vary and may be above or below the range based on various factors, such as a candidate’s location, skills, experience, and qualifications.
At Imprivata, we have a top-notch work environment, developmental opportunities, a competitive total rewards package, and the desire to have fun. If you have the skills and qualifications as we have described above, we want to hear from you!
Imprivata provides equal employment opportunities, regardless of race, religion, age, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
#LI-Hybrid #LI-SF1
Skills Required
- Bachelor's degree in Cybersecurity, Computer Science, Software Engineering, Information Systems or related discipline
- 8+ years of experience in application security, product security, or software security
- 2+ years leading and developing a team
- Deep working knowledge of secure SDLC practices and vulnerability management
- Experience with AppSec tools such as SAST, DAST, and API security tooling
- Strong communication skills for presenting metrics and security tradeoffs
- Experience with security frameworks like OWASP, PCI DSS, SOC 2
What the Team is Saying
.jpg)
.jpg)
Imprivata Compensation & Benefits Highlights
-
Healthcare Strength — Healthcare coverage includes company funding of 50% of the medical plan deductible via HSA/HRA, plus dental, vision, an EAP for mental health, and coverage for domestic partners and dependents.
-
Parental & Family Support — Paid parental leave is described as fully paid for birthing parents with additional paid bonding leave for adoptive, foster, and non‑birthing parents, and family care is supported through a free Care.com membership.
-
Leave & Time Off Breadth — Time off options include a flexible time‑off policy with no set vacation bank alongside paid holidays and paid sick days, with some sources also noting paid volunteer time.
Imprivata Insights
What We Do
For more than two decades, Imprivata has been redefining how life- and mission-critical industries secure and manage digital identities. We empower healthcare and enterprise organizations to enable fast, compliant, and secure access to technology—allowing clinicians and staff to stay focused on what matters most: patient care and operational excellence. Our digital identity platform is purpose-built for complex environments where every second counts and security can never take a back seat. From authentication and access management to device, application, and identity governance, Imprivata provides a unified approach that balances usability with protection. Trusted by the world’s leading healthcare systems and enterprises in over 45 countries, we deliver solutions that improve efficiency, safeguard data, and drive digital transformation. At Imprivata, our commitment goes beyond technology—we partner closely with our customers to ensure their success, every step of the way.
Why Work With Us
At Imprivata, every voice matters. We’re a global team driven by innovation, compassion, and collaboration. Together, we live our values—Raise the Bar, Own the Outcome, Stay Nimble, and Win Together—while making a real impact on healthcare, technology, and the communities we serve.
Gallery
Imprivata Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
Imprivata offers a flexible hybrid work model with three in-office days and two remote. Collaboration is key, and schedules are coordinated with managers to balance flexibility and connection.
