Director of Application and Product Security

US TX Austin
Information Technology – Information Security Engineering /
Employee - Regular/Permanent /
Hybrid
Apply for this job
Inclusion at Bumble Inc. 

Bumble Inc. is an equal opportunity employer and we strongly encourage people of all ages, colour, lesbian, gay, bisexual, transgender, queer and non-binary people, veterans, parents, people with disabilities, and neurodivergent people to apply. We're happy to make any reasonable adjustments that will help you feel more confident throughout the process, please don't hesitate to let us know how we can help.
In your application, please feel free to note which pronouns you use (For example: she/her, he/him, they/them, etc).



At Bumble, we are seeking a forward-thinking Head of Application and Product Security who will not only empower our secure SDLC but also align closely with our Trust and Safety team to protect user data and proactively prevent abuse. This role requires an inspirational leader capable of integrating cutting-edge security practices into our AI-enhanced platforms across mobile and web environments. 

You should be inspired by Bumble’s mission to create kind connections and deeply understand the complexities of doing that securely and safely.

You are able to make complex topics simple through your domain knowledge and expertise. You help others navigate these complex topics to make good decisions based on data and when that data doesn’t exist you are able to make decisions and stand by them. You are a humble expert with a sense of urgency to make things happen and bring others along with you.
You are empathetic to the challenges of software engineering and work with engineering leaders to build security in by design and are accountable to ensure your team is an authoritative source of risk analysis and prioritization.

You want to bring your experience in application and product security to new cross-functional domains like trust and safety, billing and payments and AI-powered technologies in the security domain.

What you'll do

    • Responsible for the continuous development of an advanced secure SDLC framework, incorporating automation, machine learning, and contextual threat analysis.
    • Ensure that any software developed and/or deployed meets the high standards expected to ensure the security and privacy of our customers.
    • Enhance Bumble Inc.’s mobile and web application defences using the latest techniques in software composition, static and dynamic testing and threat modeling for systems written in Kotlin, Swift, PHP, Go and C.
    • Conduct sophisticated security assessments and penetration testing to preemptively identify and mitigate potential threats.
    • Lead and expand the application and product security team, fostering a culture of continuous learning and innovation in security practices.
    • Collaborate extensively with our Trust & Safety area (including Product, Technical, Legal, Ops, and Policy) to develop technologies and processes that safeguard user interactions and data privacy across all platforms.
    • Regularly update and present to senior management on security posture and product incident response.
    • Own key metrics around product security incidents, and risk trends in the codebase.
    • Supervise the application security efforts across the software engineering teams, providing technical guidance, and manage the application security budget and drive a security-first approach to software development and delivery.
    • Promote active, continuous learning and improvement within your team. Cultivate team members’ growth through feedback, coaching, and career development.
    • Manage multiple concurrent projects while effectively solving problems that cross product boundaries.
    • Establish strong partnerships and champion quality throughout a cross-functional organization to support the best possible security and engineering outcomes.
    • Support developer productivity, through training, driving solutions and tooling.

Required Experience and Skills

    • Bachelor’s degree in Computer Science or related technical field; or relevant certifications such as OSCP, or equivalent publicly verifiable practical experience.
    • Demonstrated experience in managing application security in high-stakes environments, preferably with exposure to both consumer and enterprise applications.
    • Deep technical expertise in modern mobile app security, legacy and modern application architectures (e.g., microservices, containerization).
    • A strong understanding of social engineering and other user-centered attack vectors. A track record of successful collaboration with trust and safety teams is a strong plus.
    • Strong expertise in software engineering best practices.
    • Experience in managing highly skilled application security assessors or engineers.
    • Strong written and verbal communication skills, with high attention to detail.

About You

    • A subject matter expert on security-critical areas such as authorization, authentication, and/or cryptography.
    • Excellence as a great teammate who thrives in a collaborative environment.
    • Ability to communicate with empathy when delivering constructive feedback to engineers.
    • Be a constant learner who looks to solve interesting and challenging problems.
    • Humble expert with a sense of urgency.
    • Skilled at taking complex topics and making them simple.
    • Transparent judgement and stands behind their decisions, right or wrong.
    • An ability to lead in a matrixed organisation.
$240,000 - $257,500 a year
About Us
Bumble Inc. is the parent company of Bumble Date, BFF, and Badoo. The Bumble platform enables people to build healthy and equitable relationships, through Kind Connections. Founded by Whitney Wolfe Herd in 2014, Bumble was one of the first dating apps built with women at the center and connects people across dating (Bumble Date) and friendship (BFF). BFF is a friendship app where people in all stages of life can meet people nearby and create meaningful platonic connections and community based on shared interests. Badoo, which was founded in 2006, is one of the pioneers of web and mobile dating products. 

AI in Bumble Inc. Hiring 
At Bumble, we may use AI tools to support parts of our recruitment process — such as helping us record, transcribe, and summarize conversations, and supporting job alignment by comparing resumes and job descriptions to highlight skills and potential roles that may be a good match. These tools help us work more efficiently and stay focused on you during our conversations. Importantly, all hiring decisions are made by people. AI is used only to support our team’s efficiency and improve the candidate experience — not to evaluate or decide on your candidacy. Participation in AI-supported interviews and conversations is completely voluntary and will not impact your candidacy. If you’d prefer to opt out, simply let your recruiter or interviewer know at the start of a call, or anytime during the interview or conversation. Summaries and related data are retained only as long as needed in line with our internal data retention policies. If at any point you’d like a transcription or summary deleted, please contact your recruiter directly.
For further information on how we hold and manage your data, please refer to our Privacy Policy.
Apply for this job

Bumble Inc. Home Page

Jobs powered by Lever logo