Position Overview
At Apollo, we’re a global team of alternative investment managers passionate about delivering uncommon value to our investors and shareholders. With over 30 years of proven expertise across Private Equity, Credit and Real Estate, regions and industries, we’re known for our integrated businesses, our strong investment performance, our value-oriented philosophy – and our people.
We are seeking a Director of Application Security to join Apollo’s global Cyber Security & Risk team within Engineering. This leader will define and drive the firm’s application security strategy—strengthening secure development practices, architecture, and runtime environments across a diverse, expanding portfolio.
You will oversee the design and operation of a scalable application security program, partnering closely with engineering, security, and business teams to embed security throughout the software lifecycle. The ideal candidate is a collaborative, strategic thinker who fosters open communication, empowers teams, and drives measurable outcomes.
This is an opportunity to make a meaningful impact within a global cybersecurity organization that is investing deeply in its people, processes, and technology.
Primary Responsibilities
Application Threat Modeling:
Lead threat modeling for new and existing applications to identify risks, recommend mitigations, and ensure control alignment with enterprise standards.
Application Design & Architecture:
Guide teams in secure design principles, validate adherence to security controls, and ensure threat models inform architectural decisions.
Secure SDLC Development & Implementation:
Define and implement secure development lifecycle (SDLC) processes and tools—including SAST, SCA, and secret scanning—and drive adoption across development teams.
Operationalization of Security Tools:
Integrate and maintain security tooling to streamline analysis, reporting, and remediation workflows throughout the software lifecycle.
Application Security Awareness & Enablement:
Build and sustain a security champion program, fostering developer engagement and ensuring teams understand secure coding practices and delivery expectations.
Application Security Testing:
Oversee penetration testing, code reviews, and application assessments to identify vulnerabilities and guide timely remediation.
Governance, Risk, and Compliance:
Establish governance frameworks to ensure compliance with internal security policies, industry standards, and regulatory requirements. Monitor, report, and continuously improve the firm’s compliance posture.
Qualifications & Experience
10+ years of hands-on experience in Application Security, with a strong background in software development (IDE/CLI environments).
Bachelor’s degree in Computer Science, Information Technology, Information Security, or a related field.
Demonstrated success partnering with software development teams to provide security oversight across complex application ecosystems.
Proven expertise with IDEs, version control systems, CI/CD pipeline management, secure SDLC practices, and SaaS-based security tools (SCA, SAST, DAST) as well as application inventory management.
Experience with Snyk and GitHub is highly desirable.
Strong understanding of application architecture, security controls, cloud environments, and penetration testing methodologies.
Exceptional collaboration and critical thinking skills, with the ability to operate effectively in a fast-paced, dynamic environment.
Familiarity with leading security standards and frameworks (OWASP, NIST, ISO 27001, MITRE ATT&CK) and testing tools such as Burp Suite.
Experience working within or alongside regulated industries (e.g., financial services) and understanding their impact on application security practices.
Ongoing commitment to staying informed on emerging threats and trends to proactively enhance security measures.
Professional certifications such as CISSP, CSSLP, CASE, GWEB, or MCSA/MCSE are strongly preferred.
Pay Range
$190,00 - $250,000Apollo Global Management, Inc. (together with its subsidiaries and affiliates) is committed to championing opportunity.
The firm and its affiliates comply with applicable discrimination and equal opportunities legislation in all of its jurisdictions and do not discriminate in employment or recruitment based on race, color, religion, gender, national origin, veteran status, disability, age, citizenship, marital or domestic/civil partnership status, sexual orientation, gender identity or expression or any other protected characteristic under applicable law.
The contents of the qualifications and experience section of this job description are a guideline only. If an applicant can otherwise demonstrate their suitability for the role they will be considered.
The base salary range for this position is listed above. This position is also eligible for a discretionary annual bonus based on personal, team, and Firm performance. Compensation ranges are based on several factors including job function, level, and geographic location. Final offer amounts are determined by multiple factors including candidate experience and expertise, and may vary from the amounts listed here.