TL;DR
Application Security Lead: Define and lead the application security program, accountable for assessing and improving the security of internal and external applications, with an emphasis on secure development guidance, vulnerability management, and incident response. Focus on embedding secure design principles into the development lifecycle and proactively identifying and remediating application security risks.
Location: Hybrid role, based in our offices in London, UK or Sunnyvale, USA.
Company
hirify.global is the leading developer of Embodied AI technology, creating intelligent, mapless, and hardware-agnostic AI products designed for automakers to accelerate the transition to automated driving.
What you will do
- Define, lead, and mature application-focused security reviews and respond to security concerns.
- Lead response activities for application-centric security incidents, coordinating containment, investigation, and recovery.
- Maintain visibility of application vulnerabilities, track remediation, and support resolution with owners.
- Own the scheduling, scoping, and coordination of application security testing.
- Partner with engineering teams to embed secure design principles and threat modelling into the development lifecycle.
- Define and deliver the roadmap for scaling and continuously improving hirify.global’s application security capability.
Requirements
- Previous experience as a software engineer or security engineer working directly with application code.
- Proven experience in application security, secure development practices, and vulnerability management across cloud-based and internal application environments.
- Led or played a key role in addressing a significant application security incident or critical vulnerability.
- Strong working knowledge of application security frameworks (e.g., OWASP ASVS, OWASP Top 10) and secure SDLC workflows.
- Hands-on experience with application security tooling (e.g., SAST/DAST/IAST, dependency scanning, SCA, secrets detection).
- Bachelor’s degree (or equivalent) in a relevant discipline, demonstrating strong analytical, problem-solving, and communication skills.
Nice to have
- Experience building or scaling an application security programme or secure development capability.
- Familiarity with safety-critical, automotive, or operational software environments.
- Relevant application security certifications (e.g., OSWE, GWAPT, GCSA, CSSLP, OSCP, CISSP, CISM).
Culture & Benefits
- Committed to creating a diverse, fair, and respectful culture that is inclusive of everyone.
- Values diversity, embraces new perspectives, and fosters an inclusive work environment.
- Operates a hybrid working policy combining office time with remote work.
- Offers core working hours allowing you to determine your schedule.
- Committed to an inclusive interview experience, providing accommodations or adjustments as needed.