Career Level: Manager
Job Title: Head of Application Security
Location: London – Hybrid
Salary: £95,000 – £110,000
My client is looking for a Head of Application Security to join their business on a permanent basis. You will support both the Director of IT Service Delivery in the protection of the Confidentiality, Integrity and Availability of information held and processed by or on behalf of the business. The Head of Cyber Security will lead the delivery of local security initiatives, reporting, monitoring and incident handling whilst ensuring alignment with Group Security Policies, strategies and requirements.
Duties and responsibilities:
pro-actively discovering vulnerabilities in existing/new systems
creating PoCs that confirm their impact
proactively working with development teams in addressing vulnerabilities, by creating pull requests with the proposed fixes (key objective is to avoid overloading engineers with security-focused changes)
providing deep technical guidance on how to eradicate similar vulnerabilities from the code-base
leveraging existing technology and products to embed security checks for vulnerabilities in the CI/CD pipelines
ultimately making sure that development (and DevOps) teams write secure code by design, by default and in deployment.
SSDL (Secure Software Development Lifecycle)
AppSec maturity models
AppSec activities (DAST, SAST, IAST)
Application security reviews
CI/CD pipeline integrations and automations
Security Champions/Ambassadors network
Compliance as code
Infrastructure as code
Incident Response (for Application based attacks)
Attack Surface Reduction
Stakeholder ownership of vulnerabilities and risks
Skills and Experience
effective communication and presentation skills
passion for creating highly motivated teams, focused, productive, with a strong work-life balance and aligned on common OKRs (objectives and key results)
senior stakeholder management
ability to translate highly complex concepts into audience-specific and targeted materials (i.e. easy to understand by that audience)
engineering experience, namely on how to effectively use technology to scale and automate processes
passion for cyber security, diagrams and data visualisation
being a 'Pioneer' and 'Settler', by driving innovation and also knowing how to take innovation and productize it (Pioneer and Settler as defined by Wardley Mapping)
If you are interested in the Head of Application Security role, please apply/email me with your latest CV, salary expectations and availability as soon as possible.
Email , or call Jeremy at Modis on (phone number removed) for further information.
Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law.
Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers.
By applying for this role your details will be submitted to Modis International Ltd and/or Modis Europe Ltd. Our Candidate Privacy Information Statement, which explains how we will use your information, is available on the Modis website.