Application Security Lead/ 9 months Contract/ Fully Remote

Application Security Lead - Up to £675 per day

9 months contract- Inside IR35

Fully Remote UK based

CBTR is working with a leading enterprise client to hire an experienced Application Security Lead to own and evolve their application security capability across the full software development lifecycle.

This is a senior, hands-on role focused on embedding secure-by-design principles, reducing risk exposure, and strengthening cyber resilience across modern, cloud and API-driven environments.

You’ll work at the intersection of security, engineering, and business teams, ensuring application risks are clearly understood, prioritised, and effectively managed.

Required Skills:

• Strong experience in Application Security, DevSecOps, or Secure Software Engineering

• Deep understanding of OWASP Top 10 and exploitation techniques

• Hands-on experience with SAST, DAST, and SCA tools

• Experience integrating security into CI/CD and SDLC

• Cloud experience (AWS and/or Azure)

• Ability to translate technical risk into clear business impact

• Strong stakeholder management and influencing skills

• Ability to communicate complex security concepts clearly and effectively

• Experience securing cloud-native or SaaS platforms

• Understanding of AI/ML security risks

• Familiarity with Terraform, or other IaC tooling

• Knowledge of frameworks such as NIST or ISO27001

• Knowledge of authentication and authorisation frameworks (OAuth2, OIDC, SAML, RBAC/ABAC)

• Experience in large-scale enterprise & regulated environments

Desirable Certifications:

• CISSP

• CEH

• OSCP / OSWE

• Security+