Lead Application Security Engineer

  • Spencer Rose Ltd
  • Bristol, Somerset
  • Apr 01, 2026
Full time Telecommunications

Job Description

Lead Application Security Engineer

Bristol or London - 3 days a week on site

£100,000 + great benefits

An impressive financial services business is looking to hire a Lead Application Security Engineer to support the team with risk and remediation activities. This business is going through a big technology transformation programme that is estimated to take 3-5 years. The successful Lead Application Security Engineer will be part of this journey, with great technical exposure and the ability to progress rapidly. Working in one of the transformation projects, the successful Lead Application Security Engineer will work closely with the wider security and technology teams to define the strategy and roadmap of technology changes moving forward. This is very much a player-manager role, with the Lead Application Security Engineer being hands-on day to day but also providing support and guidance to the rest of the AppSec team.

Lead Application Security Engineer - Duties and Responsibilities

The successful Lead Application Security Engineer will have responsibilities covering:

Team Leadership

  • Support the existing team, providing mentoring and fostering a collaborative team environment
  • Take a pragmatic, risk-based approach to supporting the wider technology teams with the SDLC
  • Foster strong relationships with engineering, architecture, platform and platform management to provide practical, risk-appropriate guidance
  • Set the priorities for the AppSec team to make sure that the delivery of the AppSec services is impactful

Application Security Technical Authority

  • Act as the SME for application security in the business and ensure that security controls are adopted early in the CI/CD pipelines
  • Own and run the DAST, SAST and other AppSec tooling to ensure effective coverage across all in-scope applications
  • Create, roll out and maintain secure development practices and standards, including threat modelling and secure coding practices, for all applications and APIs
  • Collaborate with the Vulnerability Engineering Lead to support the identification, triage and remediation programmes in alignment with risk appetite, appropriate prioritisation and agreed SLAs

Lead Application Security Engineer - Your Background

The ideal Lead Application Security Engineer will have:

  • Experience in a similar role, in both responsibility and scale
  • Proven experience in Software Security Development or Application Security
  • Proven experience in leading/coaching a team
  • Hands-on experience implementing and operating AppSec tooling, e.g. SAST and DAST, secrets management, and SCA
  • Extensive experience of integrating security into the CI/CD pipeline, e.g. using AWS DevOps or GitHub
  • Strong history of secure coding practices, threat modelling and vulnerability management in production
  • Strong understanding of modern software development practices

If this sounds like the role for you, hit the apply button NOW!

We invite individuals from underrepresented groups to apply for any of our roles and are committed to supporting accessibility needs. Please click the apply button now or contact Abigail Moss for more information.