Head of Application Security
Indexed description
Head of DevSecOps/ Security Engineering (1 day/month London)
We’re working with a high-growth cybersecurity product business looking to hire a Head of DevSecOps to own and evolve their product security function.
This is a hands-on leadership role with real ownership, setting strategy whilst still being close enough to the detail to influence key technical decisions.
The role:
- Own product security posture end-to-end
- Define and drive DevSecOps strategy across the SDLC
- Lead threat modelling, pen testing, and vulnerability management
- Embed security into engineering teams and delivery pipelines
- Own supply chain security and SBOM reporting
- Lead and grow a small, high-calibre team
- Act as a key voice in incident response and risk management
- Explore and scale AI-driven / agentic security tooling
What they’re looking for:
- Proven leadership in DevSecOps / AppSec
- Strong hands-on experience with SAST, DAST, SCA in CI/CD
- Deep understanding of modern product security
- Experience balancing security with delivery in a product environment
- Strong stakeholder skills across engineering and exec level
Nice to have:
- Cloud security (AWS / Azure / GCP)
- Experience securing AI / ML or agent-based systems
- Exposure to OWASP, NIST, ISO or similar
Why join?
- Security-first product business with strong technical DNA
- Backed for growth and scaling
- High ownership, high impact role
- £110k + package
- Remote-first with just 1 day per month in London
Message me if you want more detail or apply direct.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search