Chief Application Security Officer

Job Overview

This role is pivotal in creating and driving the successful execution of application security at a leading software development company. As a leader, you will be responsible for establishing and leading two specialized teams: Application Security Consulting and Application Security Engineering.

Your primary objective will be to build high-performing teams and own the delivery of our application security roadmap. You will ensure a proactive approach to embedding security into the software development lifecycle, fostering a strong secure-by-design/secure-by-default culture, and empowering engineers to ship secure code at scale.

The ideal candidate will possess exceptional people leadership skills, with a proven track record of leading teams to deliver high-quality software in a fast-paced environment. They will have strong domain expertise in application security, experience with security tooling, and a deep understanding of secure coding practices, DevSecOps, threat modeling, security architecture, and application risk management.

As an engineering leader, you will be expected to come with high emotional intelligence, being self-aware, self-regulated, motivated, and empathetic, with great interpersonal skills. You will lead and live the organization's vision and values, building and fostering an inclusive and positive team culture.

You will lead, develop, and grow high-performing AppSec Engineering and AppSec Consulting teams by providing coaching, mentorship, ensuring alignment with the organization's security and engineering strategy.

In partnership with the security product team, you will develop and execute the application security roadmap; embedding security best practices throughout the software development lifecycle, from architecture and design to testing and deployment.

Drive the implementation and maintenance of security tools and technologies, partnering with engineering teams to shift security left, integrating automated security testing, secure coding practices, and DevSecOps methodologies.

Provide technical oversight and mentorship, ensuring application security risks are well-understood, prioritized, and mitigated effectively.

Collaborate closely with security, engineering, and product teams to embed security at every stage of the development process, balancing application security requirements with developer productivity and business agility.

Collaborate with the Sec-Education team to provide regular workshops and training on application security matters, enhancing understanding of application risks for relevant employees.

Foster a culture of security enablement, where developers and engineers feel supported in building secure products.

You will possess the following skills:

• People leadership, demonstrating honesty and integrity. Proven track record of leading teams to deliver high-quality software in a fast-paced environment, leveraging lean-agile techniques, while managing competing priorities and ensuring alignment with strategic goals.
• Coaching and mentoring; utilizing software delivery, technical experience, and expertise, offering the right knowledge, at the right time in the right way – understanding why and how people learn.
• Strong domain expertise in Application Security (AppSec) with experience in securing modern software applications.
• Experience with security tooling, including SAST, DAST, SCA, and security automation within CI/CD pipelines.
• Deep understanding of secure coding practices, DevSecOps, threat modeling, security architecture, and application risk management.
• Strong stakeholder management skills, with the ability to influence without authority and align security priorities with business needs.

We offer a range of benefits to support your wellbeing and career growth:

• Generous paid leave to use however you'd like, plus statutory holidays.
• Dedicated paid leave to care for your physical and mental wellbeing.
• An Employee Assistance Program to access mental health care for you and your family.
• Health insurance, life insurance, and income protection.
• Wealth and sports programs.
• Employee resource groups.
• 26 weeks of paid parental leave for primary caregivers.
• An Employee Share Plan.
• Beautiful offices.
• Flexible working.
• Career development.

We're committed to creating an inclusive and positive team culture that supports your personal and professional growth.