At a Glance
- Tasks: Lead and develop the Application Security team while embedding security into engineering practices.
- Company: Dynamic tech company in London with a focus on innovation and security.
- Benefits: Competitive salary, annual bonus, hybrid working, and career development opportunities.
- Other info: Join a collaborative environment with a focus on emerging technologies and secure development.
- Why this job: Shape the future of application security and make a real impact in a growing team.
- Qualifications: 5+ years in application security, leadership experience, and hands-on with security tools.
The predicted salary is between £100,000 and £100,000 per year.
City of London (hybrid)
Up to £100,000 per annum + annual discretionary bonus
On behalf of a key client, I am looking for an experienced and forward-thinking Application Security Lead to shape, evolve, and elevate our application security capability. This is a high-impact role where you'll embed security into modern engineering practices, influence technical direction, and enable secure delivery at scale across our organisation.
As the Application Security Lead, you'll take ownership of how application security is delivered across the business, ensuring it is practical, automated, and seamlessly integrated into engineering workflows. Reporting to the Cyber Security Technical Manager, you'll lead a small but growing team while remaining hands-on with tooling, standards, and secure-by-design practices.
The organisation can offer this role on a hybrid working basis with a non-negotiable 3 days per week in their London office, so you must be within reasonable commuting distance.
Responsibilities:
- Leading, developing, and supporting the Application Security team to deliver high-quality AppSec services.
- Owning and operating application security tooling (including SAST and DAST) to ensure effective coverage across all in-scope applications.
- Embedding automated security testing and guardrails into CI/CD pipelines in partnership with engineering and platform teams.
- Defining and maintaining secure development standards, secure coding guidelines, and threat-modelling practices.
- Providing practical, risk-based security guidance to engineering, product, and architecture teams.
- Working with our Vulnerability Lead to drive identification, triage, and prioritisation of application vulnerabilities.
- Establishing and tracking key AppSec metrics, including remediation timelines and tooling coverage.
- Building and running a security champions programme to scale secure-by-design thinking across engineering.
- Supporting secure architecture and design reviews, especially for cloud-native and API-driven systems.
- Staying ahead of emerging threats, technologies, and development practices, including software supply chain and AI-assisted development.
Qualifications:
- 5+ years' experience in application security or a related role, including 2+ years focused on AppSec.
- Experience leading, mentoring, or coaching engineers or security professionals.
- Hands-on experience with AppSec tooling (SAST, DAST, SCA, secrets management).
- Experience integrating security controls into CI/CD pipelines (e.g., GitHub, AWS DevOps).
- Strong understanding of Agile, DevOps, and cloud-native architectures.
- Practical experience with secure coding, threat modelling, and vulnerability management.
- Strong problem-solving skills and the ability to prioritise risk in line with business needs.
Application Security Lead in London employer: Spencer Rose Ltd
Contact Detail:
Spencer Rose Ltd Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Application Security Lead in London
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend meetups, and engage in online forums. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your work in application security. This gives potential employers a tangible look at what you can bring to the table.
✨Tip Number 3
Prepare for interviews by brushing up on common AppSec scenarios and challenges. Be ready to discuss how you've tackled security issues in past roles and how you can apply that experience to their team.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Application Security Lead role. Highlight your experience with AppSec tooling and any leadership roles you've had. We want to see how your skills align with what we're looking for!
Showcase Your Experience: In your cover letter, don’t just list your past jobs. Share specific examples of how you've embedded security into engineering practices or led a team. This helps us understand your hands-on experience and problem-solving skills.
Be Clear and Concise: Keep your application clear and to the point. Use bullet points where possible to make it easy for us to read. We appreciate straightforward communication, especially when it comes to complex topics like security!
Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It’s the easiest way for us to track your application and ensure it reaches the right people. Don’t miss out!
How to prepare for a job interview at Spencer Rose Ltd
✨Know Your Stuff
Make sure you brush up on your application security knowledge. Familiarise yourself with SAST, DAST, and the latest trends in secure coding practices. Being able to discuss these topics confidently will show that you're not just a candidate, but a potential leader in the field.
✨Showcase Your Leadership Skills
Since this role involves leading a team, be prepared to share examples of how you've mentored or coached others in the past. Highlight any experiences where you've influenced technical direction or improved processes, as this will demonstrate your capability to lead effectively.
✨Prepare for Technical Questions
Expect some deep dives into your technical expertise, especially around integrating security into CI/CD pipelines. Brush up on your hands-on experience with relevant tools and be ready to discuss how you've implemented security measures in previous roles.
✨Understand the Business Context
It's crucial to align your security strategies with business needs. Be ready to discuss how you've prioritised risks in line with organisational goals and how you can provide practical, risk-based security guidance to engineering and product teams.