Application Security Specialist - London (Hybrid) - up to £90,000 + bonus + benefits
La Fosse has partnered with a global retail business to hire an Application Security Specialist into a senior role within their Information Security Team.
This is a key hire for the business, focused on bringing stronger ownership and technical leadership to application security across a large digital estate. The role will suit someone who can act as the go-to SME for AppSec, helping shape the capability, improve tooling, and embed security more effectively into the SDLC.
Responsibilities
- Own and improve application security tooling, including SAST and DAST, across web, mobile, and API environments.
- Lead application security testing activity, including penetration testing and bug bounty, working closely with internal teams and external partners.
- Partner with engineering and product teams to embed security into the SDLC and drive a more proactive approach to AppSec.
- Support the security of customer-facing applications and APIs, including oversight of threats such as credential stuffing and broader web application risk.
- Build dashboards, metrics, and KPIs to improve visibility of application security posture and progress.
- Provide technical leadership within AppSec, helping the wider team build capability and improve processes over time.
Requirements
- Strong background in application security within complex technology environments.
- Hands-on experience with secure coding, SAST, DAST, CI/CD integration, and DevSecOps practices.
- Good understanding of OWASP Top 10, API security, threat modelling, and common web application attack vectors.
- Able to operate as a credible technical SME while communicating clearly with senior stakeholders.
- Experience improving security across customer-facing digital platforms in large-scale environments.