Application Security Engineering Manager
Synthesia · Europe, UK
Job Description
Application Security Engineering Manager
Synthesia is the world’s leading AI video platform for business, trusted by over 90% of the Fortune 100. Founded in 2017 and headquartered in London, we have offices and teams across Europe and the US. As AI continues to transform how we live and work, Synthesia develops innovative products to enhance visual communication and enterprise skill development. Following a recent Series E funding round of $200 million, our valuation stands at $4 billion.
Location: Remote (Europe) or London Hybrid Work Model: Remote Contract: Permanent Seniority: Senior
About the Role
As Synthesia's engineering and research organization expands, so does the complexity of securing it. Our Application Security (AppSec) team is at the forefront of this challenge, building AI-native security tooling, embedding security into the development lifecycle at scale, and making a highly capable team exceptionally effective.
We are seeking an Engineering Manager to lead and grow the AppSec team. This is a hands-on leadership role, not purely a coordination position. You will lead a team of senior and staff-level engineers who are self-directed and technically excellent. To foster trust and enable their best work, you will need to be deeply engaged with the craft, capable of discussing threat modeling, agentic security tooling, SDLC design, and application risk in detail. You will also own the AppSec strategy and be accountable for scaling the function alongside a rapidly growing product organization that heavily utilizes AI-assisted development.
Key Responsibilities
- Lead, support, enable, and grow the AppSec team, managing hiring, onboarding, performance, and career development for Senior and Staff-level Security Engineers. Your primary focus will be enabling the team's success and providing an optimal environment for their work, rather than dictating daily tasks.
- Own the formalization of AppSec strategy and roadmap, translating team input, business risk, and engineering context into a clear, prioritized program of work with measurable outcomes.
- Act as a credible technical partner to your team, engaging substantively on threat models, security architecture, agentic tooling design, and risk decisions, and being willing to dive into details when necessary.
- Define and maintain the team's operating rhythm, including OKRs, quarterly planning, cross-team coordination, and stakeholder communication up to leadership levels.
- Serve as a key interface between AppSec and the broader organization and leadership, building relationships with business leaders, engineering leads, the Developer Platform team, the Architecture Working Group, and partner functions like Legal and Moderation to embed security into Synthesia's development processes.
- Participate in maintaining and evolving Synthesia's approach to AI-assisted development security, including securing our use of agentic coding tools and assessing the security of AI-generated code.
- Own AppSec's relationship with the broader Security function, ensuring tight alignment with other Infosec teams on shared risks, incidents, and cross-cutting initiatives.
- Represent AppSec externally where relevant, including with customers, auditors, and in the context of compliance programs such as SOC2 and ISO42001.
What We Offer
- Lead a small, senior team with high autonomy, focusing on creating leverage rather than managing a ticket queue.
- Work in a leading AI company with high growth and a collaborative culture.
- Build and ship AI-native/agentic security tooling end-to-end, from prototypes to production systems that significantly impact engineering workflows.
- Operate at the intersection of product, platform, and security architecture, with the scope to shape secure-by-default practices in a rapidly scaling AI company.
- A flexible, remote-friendly role based in Europe or our London hub.
- 25 days of annual leave plus public holidays.
- A generous referral scheme.
- Work-from-home setup support.
- The ability to work from anywhere in the world for up to 60 days per year.
- A significant opportunity for career growth as you help shape a market-defining product.
Requirements
You are a Security Engineer at heart who has grown into leadership. You are comfortable with technical details and know when to get hands-on, possessing the organizational skills to run a team effectively and the strategic clarity to own a function.
- Strong communication skills, capable of operating across diverse audiences, from deep technical discussions with staff engineers to clear risk framing for leadership and pragmatic negotiation with product and engineering partners.
- A strong engineering background in application security, with hands-on experience in areas such as threat modeling, secure design review, (AI-)SAST/SCA tooling, vulnerability management, and/or security automation.
- Proficiency in Python and JavaScript. Experience with AWS and/or GCP from a cloud infrastructure perspective,
✨ This description was enhanced by AI based on the original listing.