Application Security Lead

The Lead Application Security position is responsible for providing technical leadership in securing software applications across the organization. This role involves implementing security policies, conducting security assessments, and working closely with development teams to ensure applications are designed and maintained with robust security measures. The Lead Application Security works with development teams to integrate security best practices throughout the software development lifecycle, helping to mitigate risks and protect organizational data and systems.

Certification must have :

CISSP, CSSLP, GWAPT, OSCP, CKS, Cloud Security certifications (AWS Security, Azure Security, or GCP Security) preferred

• Lead the technical implementation of application security initiatives, ensuring alignment with organizational security strategy
• Design and implement security controls throughout the software development lifecycle (SDLC)
• Conduct detailed threat modeling and risk assessments for critical applications
• Perform advanced code reviews, penetration testing, and vulnerability assessments
• Lead the remediation of security vulnerabilities and track resolution progress
• Deliver application security training and mentor junior team members
• Monitor emerging threats and vulnerabilities, recommending appropriate security measures
• Collaborate with development and operations teams to embed security in the SDLC
• Provide technical guidance and mentorship to application security team members
• Implement and maintain container security policies and best practices
• Assess and enhance security measures for containerized applications
• Review and secure cloud-native application architectures
• Security Testing: Advanced experience with SAST, DAST, and IAST methodologies
• DevSecOps: Experience integrating security into CI / CD pipelines
• Security Frameworks: In-depth knowledge of OWASP, NIST, and ISO 27001

• You have at least 6 years experience, ideally within a IT Security role.
• You have good interpersonal and communication skills and are adept at working with multiple stakeholders to drive desired outcomes.
• You have working knowledge of security testing, SAST, OWASP, ISO 27001 and CI / CD
• You are a strong networker & relationship builder
• You possess strong analytical skills and are comfortable dealing with numerical data
• You are a strong team player who can manage multiple stakeholders

• Leadership Role
• Excellent career development opportunities