This is a fully remote position, open to applicants in United Kingdom.

• Take ownership and enhance the application security function throughout the entire software development lifecycle.

• Incorporate secure-by-design principles into all processes.

• Mitigate risk exposure and bolster cyber resilience in contemporary, cloud-based, and API-driven settings.

• Collaborate at the intersection of security, engineering, and business teams.

• Ensure that application risks are well understood, prioritized, and effectively managed.

• Extensive experience in Application Security, DevSecOps, or Secure Software Engineering.

• Profound knowledge of OWASP Top 10 and various exploitation techniques.

• Practical experience with SAST, DAST, and SCA tools.

• Proven track record of integrating security into CI/CD and SDLC processes.

• Experience with cloud platforms (AWS and/or Azure).

• Ability to translate technical risks into clear business implications.

• Strong skills in stakeholder management and influencing.

• Capable of communicating complex security concepts in a clear and effective manner.

• Experience in securing cloud-native or SaaS platforms.

• Understanding of security risks related to AI/ML.

• Familiarity with Terraform or other Infrastructure as Code (IaC) tools.

• Knowledge of frameworks like NIST or ISO27001.

• Understanding of authentication and authorization frameworks (OAuth2, OIDC, SAML, RBAC/ABAC).

• Experience in large-scale enterprise and regulated environments.

• Desirable certifications include CISSP, CEH, OSCP, OSWE, and Security+.

• Comprehensive benefits package.

• Opportunities for professional development and growth.

• Flexible working arrangements.

• Collaborative and innovative work environment.

Application Security Lead

People also viewed