Information Security Specialist - Technical Lead

Biometric Talent
Manchester, United Kingdom
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
£ 95K

Job location

Manchester, United Kingdom

Tech stack

Artificial Intelligence
Automation of Tests
Static Program Analysis
Computer Security
Dynamic Program Analysis
Open Source Technology
Open Web Application Security
Secure Coding
Web Application Security
Software Engineering
Software Vulnerability Management
Software Security
Vulnerability Analysis

Job description

Our client is renowned for its commitment to innovation, scalability, and cutting-edge technology. Operating at the forefront of digital solutions, they leverage bespoke and third-party systems to drive efficiency and enhance business operations. This is an exciting opportunity to join a forward-thinking organisation that prioritises technological evolution and continuous improvement.

How you'll spend your day

As part of the wider Information Security function, you will play a key role in strengthening application security across the organisation. Working closely with engineering, architecture, and delivery teams, you'll help ensure applications are designed, developed, and deployed with security at the forefront.

Your responsibilities will include:

  • Designing and evolving the organisation's application security testing strategy, tooling, and secure coding standards

  • Performing advanced manual and automated security testing, including static and dynamic analysis to identify vulnerabilities and logical flaws

  • Conducting risk assessments, threat modelling, and security design reviews to ensure robust controls are in place

  • Partnering with software development and architecture teams to embed security throughout the secure development lifecycle

  • Leading the security review process across projects to ensure risks are identified and mitigated early

  • Designing and owning software supply chain assurance processes to identify and manage potential vulnerabilities

  • Contributing to and improving security testing methodologies and best practices

  • Mentoring junior members of the team and providing technical leadership on security matters

  • Identifying opportunities to automate manual security processes and implement tooling to improve efficiency

  • Supporting the organisation's adoption of AI-enabled security processes to enhance detection and response capabilities

Should we both wish to proceed, we will submit your details to the client and be in touch regarding the outcome and any further steps.

The interview process for this client consists of:

  • Stage 1 - 60-90 minute technical and competency interview via MS Teams

  • Stage 2 - 60-minute interview with the hiring manager and head of department, focussed on exploring soft skills.

Requirements

We're looking for an experienced application security professional who combines strong technical expertise with the ability to collaborate effectively across teams.

Key experience and skills include:

  • Strong hands-on experience with application security testing, including automated, dynamic, and static testing tools, as well as manual vulnerability assessment

  • Deep understanding of OWASP principles and frameworks, including their use within threat modelling and secure development practices

  • Experience assessing both proprietary and open-source applications for security risks

  • Knowledge of secure development lifecycles and integrating security into engineering workflows

  • Experience working with CI/CD pipelines and associated security tooling

  • Strong technical understanding of code analysis and vulnerability remediation

  • Experience using structured methodologies for web application security testing and reporting

  • Ability to mentor team members and provide technical leadership

  • Excellent communication and documentation skills, with the ability to explain security risks to technical and non-technical stakeholders

You'll also bring a proactive mindset, a passion for improving security practices, and a collaborative approach to working with development and infrastructure teams.

Benefits & conditions

  • Performance-Based Bonus - Annual bonus paid in two instalments (April & September), based on company and personal performance.

  • Pension Scheme - Employer-matched contributions of up to 7.5%.

  • Hybrid Working - Minimum 2 days per week in the office, with flexibility on which days.

  • Flexible Working Hours - 40-hour workweek with flexibility in how hours are structured.

  • Generous Annual Leave - 25 days holiday + your birthday off, plus bank holidays. Option to buy or sell up to 5 additional days.
