Senior Manager, Application Security

About the role:

Samsara is looking for an experienced Senior Engineering Manager to lead our Application Security program. This role will oversee the Application Security, Vulnerability Management, and Security Assessment teams—core functions that protect our customers and the integrity of Samsara’s platform. Together, these teams ensure secure-by-default development, proactive vulnerability reduction, and resilient defenses across cloud infrastructure, firmware, and corporate applications.

This role combines technical leadership and security expertise to drive Samsara’s Application Security strategy at scale, supporting millions of connected devices and the critical data they generate. You will shape and deliver initiatives including bug bounty and responsible disclosure, threat modeling, SAST/SCA pipelines, and vulnerability management programs.

As a manager, you’ll guide a globally distributed team of engineers, mentor and grow technical leaders, and own the systems that underpin our secure development lifecycle. You will partner closely with Product and Engineering leadership to embed security early in the design process and ensure smooth developer workflows. This is a high-impact role that sits at the intersection of engineering excellence, security, and customer trust.

This is a remote position open to candidates residing in the US except the San Francisco Bay Metro Area, NYC Metro Area, and Washington, D.C. Metro Area.

You should apply if:

• You want to impact the industries that run our world: The software, firmware, and hardware you build will result in real-world impact—helping to keep the lights on, get food into grocery stores, and most importantly, ensure workers return home safely.
• You want to build for scale: With over 2.3 million IoT devices deployed to our global customers, you will work on a range of new and mature technologies driving scalable innovation for customers across industries driving the world's physical operations.
• You are a life-long learner: We have ambitious goals. Every Samsarian has a growth mindset as we work with a wide range of technologies, challenges, and customers that push us to learn on the go.
• You believe customers are more than a number: Samsara engineers enjoy a rare closeness to the end user and you will have the opportunity to participate in customer interviews, collaborate with customer success and product managers, and use metrics to ensure our work is translating into better customer outcomes.
• You are a team player: Working on our Samsara Engineering teams requires a mix of independent effort and collaboration. Motivated by our mission, we’re all racing toward our connected operations vision, and we intend to win—together.

In this role, you will: 

• Manage and grow the Application Security, Vulnerability Management, and Security Assessment teams.
• Define and deliver Samsara’s application security strategy, ensuring secure-by-default practices across cloud and firmware environments.
• Serve as a technical leader, particularly in Go security practices, while empowering engineering teams with scalable and efficient controls.
• Partner with Product and Engineering to embed security into CI/CD pipelines and developer workflows.
• Drive execution of key initiatives:

* Bug bounty and responsible disclosure programs.

* Threat modeling for critical features and infrastructure.

* SAST/SCA pipelines and developer tooling for secure code.

* Vulnerability management workflows and remediation programs.

* Security reviews of product infrastructure, internal systems, and corporate applications.

Minimum requirements for the role:

• 8+ years of experience in security engineering, with at least 3+ years as a direct people manager leading engineering or security teams. 
• Strong track record of building and scaling Application Security programs in SaaS environments.
• Deep technical expertise (highly proficient) in Go and modern application stacks.
• Hands-on experience with SAST/SCA tools (e.g., Semgrep, CodeQL, Snyk) and CI/CD integrations.
• Demonstrated success leading vulnerability management programs from detection through remediation.
• Proven ability to run and act on threat modeling exercises.
• The ability to mentor senior engineers and grow future technical leaders.
• Excellent communication and stakeholder management skills, with experience influencing at senior leadership levels.

An ideal candidate also has:

• Experience with firmware or embedded security in addition to SaaS.
• Background in running external-facing security programs (bug bounty, responsible disclosure, customer security reviews).
• Experience navigating compliance frameworks (FedRAMP, ISO, SOC2, etc.).
• A track record of engaging with the broader security community through talks, publications, or open-source contributions.