Application Security Lead

Data Privacy Company

Rapidly growing and having recently hit 130 people, this Data Privacy Enterprise Software company was founded in London and already has a presence around the world.

The client

They aim to build software to enable the safe and ethical use of valuable data for both analytics and machine learning. Working with a variety of large organisations around the world, in sectors as varied as financial services, pharma and telecommunications, they enable these businesses to get the most out of their data without compromising on privacy or security.


How does their platform work?

Most insights that are valuable to organisations stem from analysing sensitive data. This company’s product enables analysts and data scientists to find, understand and share useful datasets. By maximising the utility of the data and expanding its safe access, organisations can improve insights to prevent money laundering, improve sales and enhance research models through data sharing and enable cloud migration technologies.

The role

What will I be doing?

To summarise quickly, you’d be working across three streams – compliance, cloud and pre-sales. Here’s a bit more info:

  • Ensuring new architecture components are designed with best security practices.
  • Own initiatives aimed at implementing and automating security controls, reducing risk, establishing a security-first culture, adopting a secure code development practice and providing technical leadership for security.
  • Drive application security best practices across the engineering teams.
  • Work closely with Software Engineers and SRE’s to make sure their products are secure throughout the SDLC.
  • Lead or respond to security investigations as necessary and conduct Product Security training and workshops.
  • Engage with customers and partners and communicate their feedback to relevant parts of the company.
  • Transform security from siloed practices to everyone’s responsibility by integrating security activities into development routines and processes.


What background will I have?

  • A good understanding of business needs and objectives, as well as the ability to drive change and take initiative. You’ll also be able to educate and explain complex concepts in layman’s terms.
  • Knowledge and experience within InfoSec, Application Security (think OWASP) and Cloud Security.
  • A strong technical background in large-scale multi-tenant and container based cloud environments, as well as being comfortable with large codebases that are using multiple languages and infrastructure as code.
  • A solid understanding of Agile development and systems thinking.
  • Experience in defining a strategy to follow and adopt across multi-role teams.
  • Ideally have worked to achieve and maintain compliance with the likes of SOC2 and ISO27001.

Bonus points if you’re comfortable delving into code when needed, review pull requests and stay close to the team’s work. It would also be great if you have experience implementing and designing security controls for cloud.

The candidate

What’s in it for me?

They’re offering a salary of up to £110K, as well as 30 days holiday (plus bank holidays). They’ve also recently introduced the freedom to work from anywhere in the world for a month, as well as matching pension contributions up to 5% and giving stock options within the company. They’ve a flexible working culture and would be looking for people to pop into the office once or twice a week ideally, though can flex on this for the right person. They also offer 20 weeks full pay maternity, and 12 weeks full pay paternity.

On top of the above there’s your more standard benefits, such as a laptop, phone and equipment, sickness, critical illness, worldwide travel and life insurance, a bike to work scheme and regular socials.

We welcome those with alternative identities, backgrounds, and experiences. Our team includes parents, the self-taught, the university-educated, and people of a wide variety of nationalities, ages, and socio-economic backgrounds.

Obviously, we’re looking to ensure it’s a solid fit from both sides: we want you to step into a role you love, and we want to offer you a place you’re proud to come to every day for work.

We know that diverse teams are strong teams, and welcome those with alternative identities, backgrounds, and experiences to apply to be part of life at Zebra People. We are committed to a fair and accessible recruitment process for all candidates. We would be happy to meet any accommodation requests during the application or interview process, please just let us know.