Application Security Specialist

Overview

Insight Investment is looking for a skilled and proactive Application Security Specialist to join our Security Architecture team. This role focuses on embedding security into the software development lifecycle and driving DevSecOps practices across engineering teams. The ideal candidate will have a strong technical background in application security, secure coding, and automation within CI/CD pipelines.Role Responsibilities

Collaborate with development, DevOps, and architecture teams to integrate security into the SDLC.Design and implement secure coding practices and threat modelling processes.Lead the integration of security tools into CI/CD pipelines (e.g., SAST, DAST, SCA, IAST).Conduct security assessments of applications, APIs, and microservices.Develop and maintain security standards, guidelines, and automation scripts.Provide guidance on secure design patterns and architecture decisions.Promote a DevSecOps culture and continuous security improvement across development and architecture teams.Experience Required

Strong understanding of application security principles (e.g., OWASP Top 10, CWE).Hands-on experience with one or more security tools: Software Composition Analysis (SCA) such as Veracode (preferred), Snyk, Black Duck, etc.Familiarity with CI/CD tools (e.g., GitHub Actions, TeamCity, Octopus, Azure DevOps).Knowledge of containerised environments and their security best practices (Docker, Kubernetes).Knowledge of cloud security (Azure) and infrastructure-as-code (Terraform, CloudFormation).Experience with threat modelling tools (e.g., Threat Dragon, IriusRisk) is preferable.About Insight Investment

Insight Investment is a leading asset manager focused on designing investment solutions to meet its clients'' needs. Founded in 2002, Insight''s collaborative approach has delivered both investment performance and growth in assets under management. Insight manages assets across its core liability-driven investment, risk management, full-spectrum fixed income, currency and absolute return capabilities.Insight has a global network of operations in the UK, Ireland, Germany, US, Japan and Australia. More information about Insight Investment can be found at: www.insightinvestment.comAdditional Information

Seniority level: Mid-Senior levelEmployment type: Full-timeJob function: Information TechnologyIndustries: IT Services and IT ConsultingInsight is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of background, circumstances, age, disability, gender identity, ethnicity, religion or belief and sexual orientation. If you require an accommodation to apply for a role, please email TalentAcquisition@InsightInvestment.comWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of ..... full job details .....