Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead application security initiatives and ensure secure software development practices.
- Company: Join Unily, a leader in Employee Experience transformation for iconic brands.
- Benefits: Enjoy a competitive salary, flexible work options, and generous holiday allowance.
- Why this job: Make a real impact on security in a dynamic tech environment.
- Qualifications: Experience in application security and strong knowledge of secure development practices.
- Other info: Be part of a diverse team committed to sustainability and community impact.
The predicted salary is between 36000 - 60000 Β£ per year.
Unily partners with the world's largest and most complex enterprises to power Organizational Velocity through digital Employee Experience transformation. Iconic brands, including EstΓ©e Lauder Companies, CVS Health, and British Airways, use Unily's market-leading Employee Experience platform to improve productivity, streamline communication, and foster a highly connected workplace. Unily is the only triple leader recognized by all three of the major analysts. Unily is recognized as a Leader in the 2024 Gartner Magic Quadrant for Intranet Packaged Solutions, the 2024 Forrester Wave: Intranet Platforms, and the IDC MarketScape: Worldwide Experience-Centric Intelligent Digital Workspaces 2024. With these accolades, we continue to grow and expand our employee community with people who are passionate about joining us on this exciting journey.
As we continue to expand our market share in the rapidly emerging Employee Experience platform category, we are looking for an Application Security Manager. This role is responsible for building and executing a comprehensive application security programme that combines strategic oversight with hands-on technical execution. The Application Security Manager ensures that security is embedded throughout the software development lifecycle (SDLC), enabling Unily to deliver secure products at speed.
The Application Security Manager will define and enforce secure development policies and practices, establish privacy by design principles, and manage the risk and escalation process. They will actively engage in technical assurance activities such as threat modelling, application testing, dependency analysis, cloud and container security assessments and CI/CD pipeline hardening. The role will act as both a strategic partner to leadership and a trusted advisor to engineering teams, being a customer facing point of contact when required.
Main Responsibilities
- Define and maintain secure development policies and privacy by design requirements
- Own the risk acceptance and escalation process, maintaining the risk register
- Develop and measure the application security strategy leveraging frameworks such as OWASP SAMM
- Support RFPs and sales responses on application security matters
- Lead and coordinate external penetration testing engagements and remediation follow up
- Drive risk-based prioritisation, assigning and validating CVSS scores
- Deliver and manage secure development training programs
- Conduct and facilitate threat modelling and architecture and design security reviews
- Perform or coordinate application security testing
- Generate and manage software bills of materials (SBOMs) to manage supply chain risks
- Ensure build verification and oversee IaC and container/Kubernetes scanning within pipelines
- Provide guidance on secure cloud-native architectures
- Evaluate and apply security testing tools and techniques (e.g. Burpsuite, fuzzing, IaC scanners, Static Analysers)
- Contribute to security metrics, reports and dashboards
- Collaborate with engineering, operations and product teams to embed security best practices throughout the whole SDLC
Requirements
- Proven experience in application security
- Strong knowledge of secure software development practices, DevSecOps and CI/CD security integration
- Hands on experience with application security testing tools and techniques (e.g. SAST, DAST, Dependency checkers, IaC scanners, secret detection, container security tools)
- Understanding of threat modelling, architecture and design reviews and offensive security principles
- Familiarity with compliance and regulatory frameworks
- Experience with risk acceptance processes, CVSS scoring and vulnerability management
- Experience managing external penetration testing vendors
- Familiarity with SBOMs and software supply chain security
- Strong background in cloud and container security
- Ability to communicate with technical and non-technical stakeholders
- Knowledge of data privacy regulations and GDPR, and how they intersect with application security
- Certifications such as CISSP, CSSLP, OSWE, OSCP or equivalents
- Degree in computer science, cyber security, related fields or equivalent experience
We are united by a shared purpose and are committed to truly understanding each other. We know that everyone is unique and has their own story. We strive to have a diverse workforce that embraces and celebrates one another. We are united in building connections and curious to learn from each other so that we continue to grow together to build the workplace of tomorrow.
Why Work For Unily?
- Our awesome team culture. We are focused on achieving results as a team and having fun while we do it. You won't find a friendlier or more dedicated bunch of people.
- Our industry leading product. We are very proud of our ever-evolving product, naturally we use (and love) it internally and provide the tools and resources for you (and our clients) to become a Unily expert.
- The flexibility that we offer. We don't just mean working from home occasionally. We operate on a hybrid basis, and also recognize that life happens during the 9-5.30 and encourage a sustainable work/life balance.
- Our bright and modern office spaces. When you need to be in the office we want it to be like being at home. We have a well-stocked kitchen and the option to bring your dog to work.
- We offer a fantastic suite of benefits. Including 25 days holiday plus an extra paid day off to enjoy your birthday, Vitality life cover (for health, sight, hearing and dental), Aviva pension (via a salary sacrifice scheme), life assurance, income protection and so many more.
- Our commitment to sustainability and giving back to the community. We know working for an organisation that takes its environmental & social impact seriously is important, and we are proud to offer 1 fully paid volunteering day per year, an employee matching charity donation scheme and options to lease an Electric Vehicle through our salary sacrifice scheme.
Application Security Manager in London employer: Unily
Contact Detail:
Unily Recruiting Team
StudySmarter Expert Advice π€«
We think this is how you could land Application Security Manager in London
β¨Tip Number 1
Network like a pro! Reach out to folks in your industry on LinkedIn or at events. A friendly chat can lead to opportunities that arenβt even advertised yet.
β¨Tip Number 2
Prepare for interviews by researching the company and its culture. Show them youβre not just another candidate; youβre genuinely excited about what they do!
β¨Tip Number 3
Practice your pitch! Be ready to explain how your skills align with their needs, especially around application security. Confidence is key!
β¨Tip Number 4
Donβt forget to apply through our website! Itβs the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who take that extra step!
We think you need these skills to ace Application Security Manager in London
Some tips for your application π«‘
Tailor Your Application: Make sure to customise your CV and cover letter for the Application Security Manager role. Highlight your experience with secure software development practices and any relevant certifications. We want to see how your skills align with our needs!
Showcase Your Technical Skills: Donβt hold back on detailing your hands-on experience with application security testing tools and techniques. Mention specific tools you've used, like SAST or DAST, as this will show us youβre ready to hit the ground running.
Communicate Clearly: Remember, we need someone who can bridge the gap between technical and non-technical stakeholders. Use clear language in your application to demonstrate your ability to communicate complex ideas simply and effectively.
Apply Through Our Website: We encourage you to apply directly through our website. Itβs the best way for us to receive your application and ensures you donβt miss out on any important updates from our team. Plus, itβs super easy!
How to prepare for a job interview at Unily
β¨Know Your Stuff
Make sure you brush up on your application security knowledge, especially around secure software development practices and DevSecOps. Familiarise yourself with tools like SAST and DAST, as well as frameworks like OWASP SAMM. Being able to discuss these confidently will show that you're serious about the role.
β¨Showcase Your Experience
Prepare to share specific examples from your past work where you've successfully implemented security measures or led a project. Highlight your experience with risk management processes and how you've handled external penetration testing engagements. Real-world examples can really make you stand out!
β¨Engage with the Team
Unily values collaboration, so be ready to discuss how you've worked with both technical and non-technical stakeholders in the past. Show that you can communicate complex security concepts in an understandable way. This will demonstrate your ability to be a trusted advisor to engineering teams.
β¨Ask Smart Questions
Prepare thoughtful questions about Unily's current security practices and future goals. Inquire about their approach to embedding security throughout the SDLC or how they handle compliance with data privacy regulations. This shows your genuine interest in the company and the role.
