Lead Application Security Engineer

Location: Bristol or London (3 days per week on-site)
Salary: £100,000 + excellent benefits

An established and highly regarded financial services organisation is seeking a Lead Application Security Engineer to play a key role in risk management and remediation across a major technology transformation programme. This large-scale programme is expected to run for 3-5 years, offering the successful candidate significant technical exposure, long-term impact, and strong opportunities for career progression.

This is a hands-on, player-manager role, ideal for someone who enjoys remaining technically involved while also mentoring and guiding an Application Security team. Working closely with one of the flagship transformation initiatives, you'll partner with security, engineering, and technology stakeholders to help define and deliver the future application security strategy and roadmap.

The Role

As Lead Application Security Engineer, you will balance technical leadership with day-to-day delivery, ensuring that secure-by-design principles are embedded across the software development life cycle.

Team Leadership & Collaboration

  • Lead, mentor, and support the Application Security team, fostering a collaborative and high-performing environment
  • Take a pragmatic, risk-based approach to embedding security across the SDLC
  • Build strong working relationships with engineering, architecture, platform, and product teams to provide practical, proportionate security guidance
  • Set priorities for the AppSec function to ensure services deliver measurable value and impact

Application Security Technical Authority

  • Act as the subject matter expert for application security across the organisation
  • Ensure security controls are integrated early into CI/CD pipelines
  • Own and operate AppSec tooling, including DAST, SAST, SCA, and related technologies, ensuring appropriate coverage for in-scope applications
  • Define, implement, and maintain secure development standards, including threat modelling and secure coding practices for applications and APIs
  • Partner with Vulnerability Engineering to support identification, triage, prioritisation, and remediation in line with agreed risk appetite and SLAs

About You

We're looking for an experienced Application Security professional with a strong technical foundation and proven leadership capability.

You'll bring:

  • Experience in a Lead or Senior Application Security role of comparable scale and responsibility
  • Strong background in Application Security or Secure Software Development
  • Demonstrated experience leading, coaching, or mentoring technical teams
  • Hands-on experience implementing and operating AppSec tooling (eg SAST, DAST, SCA, secrets management)
  • Proven experience integrating security controls into CI/CD pipelines (eg using AWS DevOps or GitHub-based workflows)
  • Deep understanding of secure coding practices, threat modelling, and vulnerability management in production environments
  • Solid knowledge of modern software development methodologies and cloud-native architectures

Why Join?

  • Be part of a long-term, high-profile transformation programme
  • Broad technical exposure across modern platforms and development practices
  • Clear opportunities for progression in a growing security function
  • Competitive salary and a strong benefits package

If this opportunity sounds like a good fit for you, apply now.

We actively encourage applications from individuals from underrepresented groups and are committed to supporting accessibility needs. For more information, please apply directly or contact Abigail Moss.

Job Details

Company: Spencer Rose Ltd
Location: Bristol, Somerset, United Kingdom BS483
Employment Type: Permanent
Salary: GBP 100,000 Annual
Posted