Application Security Lead

Job Title: Application Security Lead
Contract Type: Permanent
Location: Reading, Berkshire
Salary: Negotiable
Start Date: ASAP
REF: App Security Lead_1661504411
Contact Name: Nicole Craig
Contact Email:
Job Published: about 1 month ago

Job Description

Role: Application Security Lead

Location: Reading/Hybrid

Length: Permanent

A leading telecoms company are looking for an experienced Application Security Lead to join their team based in Reading.


  • Provide guidance on application security architecture, DevSecOps best practices & solutions to help business units to build & deliver solutions that meet security requirements.
  • Develop threat models and maturity assessments that can be used to integrate security requirements into projects & operations.
  • Create an application security observability framework to enable greater GSOC visibility by identifying best practices for logging within common application architectures.
  • Define and conduct application security threat and risk assessments, with a methodology for all deployed solutions that can be integrated into development pipelines.
  • Conduct Secure SDLC (Software Development Life Cycle) workshops and working groups to facilitate a consistent set of security baselines for application security.
  • Advocate for AppSec and DevSecOps from research conducted into modern threats and new technologies such as containerisation and serverless computing.
  • Liaise with security architects and other business units to communicate security practices and processes.
  • Support identification, training, and partnership with champions for security across to build a security first culture.
  • Support security champions by helping them assess risk, learn to identify architectural gaps, and similar activities.
  • Support development of training related to application security, security architecture, threat modelling, and secure coding.

Experience & Skills:

  • A University Degree in engineering, computer science or similar technical related area, with vast experience in an AppSec role.
  • Relevant security certification(s), preferably in AppSec, including but not limited to CISSP, CSSLP, GIAC, OSCP, GPEN, etc.
  • You have knowledge and proven experience within information security, application security (OWASP), cloud security, and secure continuous delivery.
  • Experience with the full secure software or systems development life cycle, including requirements analysis, design, integration, testing, and implementation.
  • A deep technical background in large-scale multi-tenant & container-based cloud environments.
  • Comfortable with large codebases that are using multiple languages and infrastructure as code.
  • You are comfortable delving into code when needed, reviewing pull requests and staying close to the team's work.
  • A good understanding of business needs and objectives.
  • Ability to drive change and take initiative in a self-sufficient way.
  • Understanding of Agile development and systems thinking.
  • Experienced in defining a strategy to follow and adopting that strategy across large multi-role teams.
  • Outstanding interpersonal skills, and ability to build strong relationships across a dynamic, growing team.
  • Can provide pragmatic technical leadership for a group of fast-moving engineers.

Project People is acting as an Employment Agency in relation to this vacancy.