Application Security Specialist (Architecture)

Hybrid – Cambridge, UK (1 day per week in office)

Our client is seeking an experienced Application Security Specialist to strengthen their cyber function and embed secure practices across product and engineering teams. This role focuses on application security architecture, threat modelling, and risk management, working closely with developers and architects to ensure security is built into every stage of the software lifecycle.

What you’ll be doing:

• Act as the go-to specialist for application security design, risk analysis, and best practices.
• Partner with engineering teams to review code, designs, and sprints for potential vulnerabilities.
• Establish and embed threat modelling and secure coding practices across projects.
• Develop and integrate security testing plans into the SDLC.
• Support incident response and help shape application security KPIs and metrics.

What we’re looking for:

• 3+ years’ experience in software development plus 2+ years in application security.
• Strong knowledge of OWASP principles, secure web development, and vulnerability testing.
• Hands-on experience with Agile/DevOps environments.
• Confident communicator with the ability to collaborate across technical and non-technical teams.
• Bonus: exposure to penetration testing or working with security researcher communities.

Why apply?

This is a chance to shape application security strategy within a growing cyber team, work on complex and high-impact projects, and influence how secure development is delivered at scale.

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Information Technology

Computer and Network Security