"Alerted.org

Sabre Corporation is a leading technology provider to the global travel and tourism industry. Headquartered in Southlake, Texas, USA, Sabre operates offices in approximately 60 countries around the world. At Sabre, we make travel happen. Positioned at the center of the business of travel, our platform connects people with experiences that matter in their lives. Today, Sabre is creating a new marketplace for personalized travel. It is our people who develop and deliver powerful solutions that meet the current and future needs or our airline, hotel and travel agency customers. Join our journey!

Manager of Application Security

Position Description

As the Manager (or Principal since this is a very technical leadership role) of Application Security, you will lead a team of skilled security professionals dedicated to protecting Sabre’s applications and data. In conjunction with the security architecture team, you will drive the strategy and execution of application security initiatives and continuous automation, ensuring robust protection against evolving threats and reduction of developer toil. This role requires expertise in application security and developing secure software solutions, and a leadership mindset that values a happy, healthy, and high-performing innovative team culture—where fun and focus go hand in hand.

Role and Responsibilities:

+ Report to the Director of Application Security, Vulnerability Management, and SOAR.

+ Collaborate with your leader and security architects to understand, establish and execute the application security strategy.

+ Lead, mentor, and develop a team of application security engineers and analysts.

+ Foster a culture of continuous improvement, knowledge sharing, and professional development within the team.

+ Lead application security practices, including SAST/DAST/SCA scanning, onboarding, and support (e.g., Veracode or similar tools), and vulnerability management.

+ Oversee manual and automated application penetration testing, vulnerability assessments, and remediation efforts across the SDLC and CI/CD pipelines.

+ Own the application security roadmap, set team goals, and track key performance indicators (KPIs) for security posture improvement.

+ Participate in security incident response, audit remediation, and application-based access control reviews.

+ Lead or participate in threat modeling sessions for new applications and features.

+ Integrate security checks into CI/CD workflows (e.g., secrets scanning, dependency checks, container scanning).

+ Collaborate with developers and DevOps to implement secure build and deployment practices and drive adoption of automated security tools.

+ Ensure that security gates do not hinder velocity but maintain compliance.

+ Establish and maintain application security standards, baselines, and processes (e.g., Sabre internal policy/standards, OWASP, SANS, CERT, NIST).

+ Provide subject matter expertise in secure coding, application architecture reviews, and threat modeling.

+ Maintain audit readiness and documentation for application environments.

+ Coordinate with global outsourcers and vendors to ensure consistent security practices and effective risk management.

+ Maintain comprehensive documentation of security processes, findings, and best practices.

+ Communicate security risks, strategies, and progress to executive leadership and stakeholders.

Qualifications and Education Requirements:

+ Bachelor’s degree in Computer Science, Information Security, or related field.

+ 7+ years of experience in application security, software engineering, including 1+ years in a leadership role.

+ Strong background in software development and secure coding practices

+ Experience coding in at least some of the following languages… Java, .Net, C#, C++, Golang, PHP, Ruby, other scripting languages.

+ Some proficiency with SAST/DAST/SCA tools (e.g., Veracode), application inventory management, and security frameworks.

+ Some hands-on experience with manual penetration testing, vulnerability assessment, and remediation.

+ Experience working with global outsourcers and managing third-party security engagements.

+ Excellent written and verbal communication skills; ability to present complex security topics to technical and non-technical audiences.

+ Demonstrated ability to manage multiple projects, prioritize tasks, and drive results.

Nice to Have Qualifications:

+ Experience with machine learning/AI for security automation and anomaly detection.

+ Experience with cloud security, automation tools, and CI/CD pipeline integration.

+ Experience with tools like Terraform, Ansible, Jenkins, GitHub Actions, GitDocs

+ Experience with SNOW, RSA Archer.

+ Knowledge of distributed architecture, high-availability systems, and capacity planning.

+ Advanced degree (MS, MBA) or additional leadership training.

+ Relevant certifications: Certified Ethical Hacker (CEH), OSCP, CISSP, GWAPT, GSSP, CASE, CSSLP, CCSP.

Reasonable Accommodation

Sabre is committed to working with and providing reasonable accommodation to applicants with disabilities. Applicants applying for a Sabre position with a disability who require a reasonable accommodation for any part of the application or hiring process may contact Sabre's Compliance Office at [email protected]

Affirmative Action

Sabre is an equal employment opportunity/affirmative action employer and is committed to providing equal employment opportunities to minorities, females, veterans, and disabled individuals. EEO IS THE LAW

Stay connected with Sabre Careers