Director, Application Security

Posted:
1/26/2026, 12:49:01 AM

Location(s):
Missouri, United States

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security ⋅ Software Engineering

Workplace Type:
Remote

You desire impactful work.
 

You’re RGA ready

RGA is a purpose-driven organization working to solve today’s challenges through innovation and collaboration. A Fortune 200 Company and listed among its World’s Most Admired Companies, we’re the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all.

A Brief Overview


This role leads and matures two core functions: Secure-by-Design consulting and Secure Coding (AppSec Engineering). The leader will partner deeply with product engineering to make sure teams know their security requirements up front, build secure architectures, and ship secure code. The ideal candidate has a strong software engineering background and can coach developers as peers, not as auditors.
 

This role leads a small team of engineers and architects and reports to the Executive Director, Product Security.

What you will do

Strategy & Leadership

  • Develop and execute the enterprise application security strategy aligned to business and product outcomes

  • Lead, mentor, and grow a high-performing team of application security engineers

  • Define KPIs and OKRs for AppSec programs and communicate program health to senior leadership

Secure-By-Design / Product Security Consulting

  • Embed into project delivery lifecycles to ensure teams understand security requirements up front

  • Partner with architecture, product, and engineering leads to define secure architectures and patterns

  • Review threat models, architecture diagrams, and design decisions, and track remediation of design risks

Secure Coding / AppSec Engineering

  • Own and mature SAST/DAST/SCA tooling and secure pipeline integrations

  • Standardize secure coding practices and libraries/patterns that minimize developer friction

  • Oversee triage and prioritization, and drive remediation, of static/dynamic findings with engineering teams

  • Drive adoption of automation and self-service guardrails (e.g., pipeline enforcement, secrets scanning)

Cross-Functional Partnership & Culture

  • Build strong relationships with software engineering — become a trusted advisor, not a gatekeeper

  • Partner with DevOps / Platform Engineering to deploy secure pipeline standards at scale

  • Partner with Risk/GRC to validate compliance with PCI, HIPAA, SOX, etc. (where applicable)

  • Create educational content and workshops to level up developer secure coding capability


Qualifications

Required:

  • Bachelor’s Degree in Arts/Sciences (BA/BS) or equivalent experience

  • 10+ years in software engineering, application security, or product security

  • 2+ years management experience. Highly advanced people management skills, demonstrating the ability to lead, mentor, and develop associates, including the ability to delegate key areas of responsibility.

  • Deep hands-on experience writing and reviewing production code (preferably modern cloud native stacks)

  • Proven experience maturing secure SDLC practices, pipelines, or developer tooling at scale

  • Demonstrated ability to lead, mentor, and grow a small technical security team

  • Familiarity with SAST/DAST/SCA tools, threat modeling, secure architecture patterns, and CI/CD pipelines

  • Advanced project management skills. Demonstrates ability to evaluate Cyber Security project objectives and scope feasibility, gain understanding, schedule resources, and manage budget to plan.

  • Advanced oral and written communication skills, demonstrating the ability to convey business terminology that is meaningful and well received by the customer.

  • Advanced investigative, analytical and problem-solving skills; ability to quickly adapt to new methods, work under tight deadlines and stressful conditions.

  • Ability to work well within a team environment, participate in department/team projects and balance detail with departmental objectives. Ability to resolve conflict and foster teamwork.

  • Advanced ability to liaise with individuals across a wide variety of operational, functional and technical disciplines. Advanced ability to manage multiple projects and/or teams simultaneously.


Preferred:

  • Master’s degree in Arts/Sciences (MA/MS)

  • Experience in regulated environments (PCI, HIPAA, SOX)

  • Experience with modern DevOps toolchains (GitHub, Jenkins, Azure DevOps, etc.)

  • Experience driving culture change with engineering orgs (enablement > audit)

  • LOMA certification

What you can expect from RGA:

  • Gain valuable knowledge from and experience with diverse, caring colleagues around the world.

  • Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.

  • Join the bright and creative minds of RGA, and experience vast, endless career potential.

We’re excited to get to know you and connect your unique skills with our global opportunities. To create a modern and seamless experience, we use artificial intelligence (AI) in parts of our preliminary screening process. This technology helps us personalize job recommendations, automate interview scheduling, evaluate candidates based solely on experience—without considering name, gender, or other personal details—and provide real-time answers through our chatbot. AI is used only during early screening and never makes hiring decisions. Your RGA recruiter will work closely with you every step of the way to ensure the process feels personal, thoughtful, and focused on you.

Compensation Range:

$123,500.00 - $184,050.00 Annual

Base pay varies depending on job-related knowledge, skills, experience and market location. In addition, RGA provides an annual bonus plan that includes all roles and some positions are eligible for participation in our long-term equity incentive plan. RGA also maintains a full range of health, retirement, and other employee benefits.

RGA is an equal opportunity employer. Qualified applicants will be considered without regard to race, color, age, gender identity or expression, sex, disability, veteran status, religion, national origin, or any other characteristic protected by applicable equal employment opportunity laws.

Reinsurance Group of America

Website: https://www.rgare.com/

Headquarter Location: Chesterfield, Missouri, United States

Employee Count: 1001-5000

Year Founded: 1973

IPO Status: Public

Last Funding Type: Post-IPO Debt

Industries: Financial Services ⋅ Health Insurance ⋅ Insurance ⋅ Life Insurance ⋅ Service Industry