Application Security Lead

London, United Kingdom

StepStone Group

Our AI-driven job marketplaces, programmatic-powered marketing solutions and customer-centricity find the perfect candidate quickly and equitably

View all jobs at StepStone Group

Apply now Apply later

Company Description

Who we are 

At The Stepstone Group, we have a simple yet very important mission: The right job for everyone. Using our data, platform, and technology, we create opportunities for job seekers and companies around the world to find a perfect match, in fair and equitable way. With over 20 brands across 30+ countries, we strive for fair and unbiased hiring.  

Join our team of 4,000+ employees and be part of reshaping the labour market and becoming the world’s leading job-tech platform. 

Job Description

You will lead a team and you will be responsible for the software application security. You will coordinate scheduled pentests and ad-hoc assessments of different products, prior to prod or in production. The successful candidate will have hands-on knowledge on SSDLC and automation, to enable integration and adoption of security tooling/services.

You will play a vital role as we reimagine the labour market to make it work for everybody.

  • Will champion and support teams with threat-modelling activities.
  • Will champion the adoption of threat-modelling automation and will constantly measure the safeguards to mitigate risks.
  • You will design, build, and operate innovative tools to automate security assessments. In addition you will support the Security Management by providing insights on different KPIs and metrics.
  • Coordinate with different teams to embed and present APPSEC metrics into teams-dashboards.
  • Coordinate with ISO to enhance our policies and standards and join product development calls to present security requirements and propose ideas how to differentiate our brand.

Qualifications

  • Hands-on experience of SSDLC automation and implementation.
  • Hands-on experience with threat modelling activities, tooling and implementation.
  • Experience with Pentest scoping and prioritization based on risk and impact.
  • Development experience in .Net, Java , RoR is a plus.
  • Certifications are not a must but would be a plus, OSCP, OSWA/OSWE. Knowledge of cryptography, authentication and authorization.

Additional Information

Your benefits:

We’re a community here that cares as much about your life outside work as how you feel when you’re with us. Because your job shouldn’t take over your life, it should enrich it. Here are some of the benefits we offer: 

  • 29 days holiday allowance + bank holidays 
  • Private medical and dental healthcare 
  • Pension contribution up to 10% 
  • Training and development opportunities 
  • Cycle to work scheme 
  • In house Barista 
  • Hybrid working model 
  • Volunteering days 

and you can bring your dog to the office!

Our commitment 

Equal opportunities are important to us. We believe that diversity and inclusion at The Stepstone Group are critical to our success as a global company, so we want to recruit, develop, and keep the best talent. We encourage applications from everyone, regardless of background, gender identity, sexual orientation, disability status, ethnicity, belief, age, family or parental status, and any other characteristic. 

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: Application security Automation Cryptography Java KPIs OSCP OSWE Security assessment SSDLC

Region: Europe
Country: United Kingdom

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.