Collinson is the global, privately-owned company dedicated to helping the world to travel with ease and confidence. The group offers a unique blend of industry and sector specialists who together provide market-leading airport experiences, loyalty and customer engagement, and insurance solutions for over 400 million consumers.

Collinson is the operator of Priority Pass, the world’s original and leading airport experiences programme. Travellers can access a network of 1,500 lounges and travel experiences, including dining, retail, sleep and spa, in over 650 airports in 148 countries, helping to elevate the journey into something special. We work with the world’s leading payment networks, over 1,400 banks, 90 airlines and 20 hotel groups worldwide.

We have been bringing innovation to the market since inception – from launching the first independent global VIP lounge access programme, Priority Pass, to being the first to sell direct travel insurance in the UK through Columbus Direct and creating the first loyalty agency of its kind in the travel sector with ICLP. Today we still invest heavily in innovation to ensure that we continue to deliver superior customer experiences. Key clients include Mastercard, American Express, Cathay Pacific, British Airways, LATAM, Flying Blue, Accor, EasyJet, HSBC, Chase, HDFC.

Our mission is focused on doing good beyond profit, which for us means we seek out opportunities for our people to share in our success and that we give back to the communities and people within which we work. Never short of ambition, the success of our business is delivered through the diverse and talented team of over 2,200 global colleagues.

About the Role

Sitting within Collinson’s central Legal, Risk and Compliance function and reporting to the Chief Information Security Officer (CISO), this role is responsible for leading the Group’s application security programme.

You will play a pivotal role in ensuring our applications remain resilient against cyber threats, meet regulatory and client requirements, and continue to support Collinson’s focus on rapid innovation. As a key security partner to our technology and product teams, you will embed security best practices across the application lifecycle, champion secure coding principles, and drive continuous improvement in our defences.

Key Responsibilities

- Develop and manage the application security programme, integrating security tools, standards and reporting into the product lifecycle and risk frameworks.
- Define and maintain security policies, standards and procedures to guide secure application development.
- Perform application security assessments and manage automated security scanning processes.
- Deliver security training and promote secure coding best practices to development teams.
- Drive vulnerability remediation efforts, collaborating closely with engineering and product teams.
- Manage application security tools and technologies, ensuring effective coverage and performance.
- Monitor security threats and trends, applying relevant insights to strengthen application security.
- Participate in incident response activities for application-related security events.
- Report key security metrics and insights to technical, risk, commercial and platform stakeholders.
- Support broader CISO initiatives, contributing to cross-functional security programmes as needed.

Key Knowledge and Skills Required

- Strong understanding of application security principles, common vulnerabilities (e.g. OWASP Top 10, CWE), and defensive techniques.
- Practical experience with application security assessment tools and secure software development.
- Knowledge of security frameworks and standards (ISO 27001, NIST, PCI-DSS, GDPR).
- Solid coding background with experience in secure coding practices.
- Excellent stakeholder management and communication skills, with the ability to act as a trusted security advisor.
- A proactive and collaborative mindset, committed to ongoing learning and improvement.
- Demonstrable experience leading or significantly contributing to an application security programme.
- Relevant educational background and/or industry certifications.

Collinson is an equal opportunity employer and welcomes differences in all their forms including: colour, race, ethnicity, gender identity, sexual orientation, neurodivergence, family status, age, individuals with disabilities and people from all backgrounds, cultures and experiences as we strongly believe this contributes to our ongoing success.

We are focused on continually evolving our purpose-driven, high-performing culture, providing an environment where our people have the opportunity to achieve their full potential and do interesting and meaningful work.

Our company values are: Take Action, Do the right thing, One team and Be insight led. These help guide everything we do internally in terms of how we think, act and interact, right through to how we deliver value to our customers and clients.

In your application, please feel free to note which pronouns you use (for example, she/her/hers, he/him/his, they/them/theirs, etc.).

If you need any extra support throughout the interview process, then please email us at ukrecruitment@collinsongroup.com