Application Security Team Lead

Company Description

🚀 SmartRecruiters transforms hiring for the world’s leading enterprises. We deliver an AI-powered hiring platform built for global scale, automating and optimizing the entire talent acquisition process. More than 4,000 companies, including LinkedIn, McDonald's, VISA, CD Projekt Red, Allegro rely on SmartRecruiters to build winning teams. 

🚀 In 2025, SmartRecruiters joined SAP, the global leader in enterprise applications. Together, we are accelerating the reinvention of hiring by combining AI innovation with the scale and resources of SAP’s ecosystem.

We designed our R&D structure based on the empowered product teams model. It means our teams are responsible for business outcomes and have autonomy in solving problems in the way that “customers love yet work for the business” (yes, we are heavily influenced by this and that).

Job Description

We are looking for an Application Security Team Lead to own and drive our application security program while leading a small, high-performing team of security engineers. This is a hands-on leadership role- you will be equally comfortable conducting penetration tests and threat models as you are setting team direction, mentoring engineers, and partnering with stakeholders across the organization.

You will be responsible for the strategy, execution, and continuous improvement of application security across our products, APIs, and AI-powered services. You will lead a team of 2 to 4 security engineers, helping them grow while ensuring the team delivers measurable impact on the organization's security posture.

If you thrive at the intersection of deep technical work and people leadership- and want to shape how security is done, not just do it- this role is for you.

You may be located anywhere in Poland and work remotely or out of our Cracow office.

What you’ll deliver:

• Lead and grow a team of Application Security Engineers, setting direction, coaching, and owning the AppSec roadmap and KPIs

• Drive end-to-end application security: threat modeling, design reviews, internal pen-testing, manual/automated code reviews, and security testing (SAST/DAST/IAST/SCA)

• Own vulnerability management and bug bounty: define processes and SLAs, triage and validate findings, and drive remediation with engineering teams

• Define and optimize the AppSec tooling stack, integrating security deeply into CI/CD and developer workflows to “shift left” without slowing delivery

• Secure AI/ML features and LLM integrations, assessing AI-specific risks and defining guardrails and best practices for safe adoption

• Set secure coding standards (OWASP) and scale a security-first culture through training, documentation, and security champion initiatives

We want you to:

• Make a difference

• Have a positive, can-do attitude

• Do the right thing, not the "easy" thing

• Give and receive support from our awesome engineering team

Qualifications:

• Significant professional experience in Application Security, Product Security, or Secure Software Development, with a demonstrated track record of leading or mentoring security engineers

• Proven ability to lead a small team- set priorities, delegate effectively, develop people, and deliver results through others while staying technically hands-on

• Deep understanding of common vulnerability classes (injection, broken access control, cryptographic failures, SSRF, etc.) and secure design principles

• Strong hands-on experience with penetration testing of web applications, APIs, and modern cloud-native architectures

• Solid knowledge of authentication, authorization, cryptography, and API security patterns

• Experience building or maturing an application security program- defining processes, tooling strategy, and metrics.

• Experience with security testing methodologies and tools across SAST, DAST, IAST, and SCA

• Familiarity with microservices architectures and cloud environments, particularly AWS

• Excellent communication skills- able to articulate technical risks to engineers, translate security priorities for leadership, and build trust across teams

Benefits:

• We support 100% remote work with Wi-Fi reimbursement and an additional stipend for the equipment (the MacBook laptop is provided by us)

• Unlimited vacation days (yes - it's really unlimited)

• Private Medical Care for you and your dependents (Luxmed)

• Wellness Programme (Multisport Card and even more)

• Company-wide shutdowns in August and around Christmas

Additional information

SmartRecruiters is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.