At a Glance
- Tasks: Lead application security strategy and implement a Secure Software Development Lifecycle.
- Company: Prolific, a mission-driven tech company focused on security innovation.
- Benefits: Competitive salary, benefits, and remote working options.
- Other info: Join a dynamic team with opportunities for professional growth and collaboration.
- Why this job: Make a real impact in application security while mentoring a talented team.
- Qualifications: Experience in software engineering and application security with strong coding skills.
The predicted salary is between £70,000 and £90,000 per year.
Prolific is seeking an experienced security professional to own its application security strategy. The role involves defining and driving a Secure Software Development Lifecycle (SSDLC), embedding security across engineering, and providing hands‑on expertise through code review, threat modelling, and security testing. You will manage the Senior Application Security Engineer, oversee compliance programs, and lead cross‑functional initiatives with product, platform, data, TechOps, and legal teams.
Responsibilities
- Define and implement SSDLC for all product lines.
- Set standards for security integration in engineering workflows.
- Lead hands‑on code reviews, threat modelling, and security testing.
- Manage the Senior Application Security Engineer and mentor the team.
- Own and maintain the compliance program (ISO 27001, SOC 2).
- Collaborate with engineering leadership to balance risk and delivery velocity.
Qualifications
- Several years of software engineering experience with production systems at scale.
- Several years in application security (testing, code review, threat modelling, vulnerability management).
- Expert knowledge of OWASP Top 10 (Web & API) and modern attack paths (auth flaws, SSRF, injection, business logic, supply chain).
- Strong understanding of modern architectures (microservices, APIs, event‑driven systems).
- Programming in Python for security tooling and automation (Django a strong plus).
- Hands‑on experience with security testing tools (e.g., Burp Suite) and manual assessment of apps/APIs.
- Experience building and scaling SSDLCs, including CI/CD tooling (SAST, SCA, DAST, secrets).
- Experience leading threat modelling and security design reviews.
- Strong engineering partnership and communication skills.
- Experience with ISO 27001 / SOC 2 and translating controls into engineering practices.
Nice to have
- Mentoring or managing security engineers.
- Experience with Django, Vue.js, MongoDB, GCP.
- Security champions or bug bounty programmes.
- Supply chain or infrastructure security (Terraform, Kubernetes).
- Hands‑on certifications (OSCP, GWAPT, BSCP, CISSP).
- Experience building AppSec in a scaling company.
Benefits
Competitive salary, benefits, and remote working within a mission‑driven culture.
Application Security Lead in London employer: Prolific
Contact Detail:
Prolific Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Application Security Lead in London
✨Tip Number 1
Network like a pro! Reach out to folks in your industry on LinkedIn or at local meetups. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your application security projects. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common application security scenarios. Be ready to discuss your experience with SSDLC, code reviews, and threat modelling. Practice makes perfect!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search.
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in application security and SSDLC. We want to see how your skills align with the role, so don’t hold back on showcasing your relevant projects!
Show Off Your Technical Skills: Since this role involves hands-on expertise, be sure to mention your experience with tools like Burp Suite and your programming skills in Python. We love seeing candidates who can demonstrate their technical prowess!
Highlight Collaboration Experience: This position requires working closely with various teams, so share examples of how you've successfully collaborated with engineering, product, or legal teams in the past. We value strong communication skills and teamwork!
Apply Through Our Website: We encourage you to submit your application through our website for a smoother process. It’s the best way for us to keep track of your application and ensure it gets the attention it deserves!
How to prepare for a job interview at Prolific
✨Know Your SSDLC Inside Out
Make sure you can clearly articulate what a Secure Software Development Lifecycle (SSDLC) looks like. Be prepared to discuss how you've implemented it in previous roles and the specific challenges you faced. This shows that you not only understand the concept but have practical experience.
✨Brush Up on OWASP Top 10
Familiarise yourself with the OWASP Top 10 vulnerabilities, especially those relevant to web and API security. Be ready to provide examples of how you've identified and mitigated these risks in past projects. This will demonstrate your hands-on expertise in application security.
✨Showcase Your Leadership Skills
Since you'll be managing a Senior Application Security Engineer, highlight any previous leadership or mentoring experiences. Discuss how you've successfully guided teams through security challenges and fostered a culture of security awareness within engineering workflows.
✨Prepare for Technical Questions
Expect technical questions related to security testing tools and programming languages, particularly Python. Brush up on your knowledge of tools like Burp Suite and be ready to discuss how you've used them in real-world scenarios. This will help you stand out as a candidate who can hit the ground running.