Description
The Application Security Team Lead owns and evolves MO's application security capability, embedding security into engineering practices, platforms, and delivery pipelines while leading a small team of specialists. Reporting to the Cyber Security Technical Manager, the role drives secure-by-design principles across the software development lifecycle, including the implementation of tooling, standards, and security controls within CI/CD.
Alongside team leadership, the role acts as the hands-on security lead for a key development area, taking end-to-end ownership of its security posture. Working closely with engineering, product, and platform teams, you provide deep technical expertise across design, implementation, and vulnerability management, ensuring security is pragmatic, scalable, and supports effective delivery at pace.
Key Responsibilities:
1. Lead and develop the application security team, setting clear priorities, building capability, and ensuring effective delivery of AppSec services.
2. Own and operate our application security tooling, including SCA & SAST, ensuring effective coverage across all in-scope applications.
3. Integrate security controls into CI/CD pipelines, working with platform and engineering teams to embed automated security testing and guardrails into development workflows.
4. Define, implement, and maintain secure development standards, i...