Application Security Lead

Role Overview:

• As Application Security Lead, you will own the security strategy and be the senior security engineering voice, embedding security into the engineering lifecycle.
• You will define the Secure Software Development Lifecycle (SSDLC), set security standards, and conduct code reviews, threat modeling, and security testing.
• This is a player-coach role involving both strategy and hands-on technical work to build a security culture.

Key Responsibilities:

• Manage the Senior Application Security Engineer and oversee the compliance programme alongside security duties.
• Partner cross-functionally with product engineering, platform, data, TechOps, and legal teams to integrate security practices.
• Lead threat modeling, security design reviews, and vulnerability management to protect application-layer assets.

Qualifications and Impact:

• Bring several years of software engineering and application security experience, with expertise in OWASP Top 10, modern architectures, and Python.
• Influence engineering teams through trust, with strong skills in building and scaling SSDLCs, CI/CD tooling, and security automation.
• Communicate clearly across technical and non-technical audiences, with experience in ISO 27001/SOC 2 and potential for growing into a broader security leadership role.