Information Security Specialist - Technical Lead

Permanent

Location: Manchester (Hybrid – 2-3 days per week onsite)

Salary: Up to £95,000 (plus car allowance, plus bonus)

About the Client

Our client renowned for its commitment to innovation, scalability, and cutting-edge technology. Operating at the forefront of digital solutions, they leverage bespoke and third-party systems to drive efficiency and enhance business operations. This is an exciting opportunity to join a forward-thinking organisation that prioritises technological evolution and continuous improvement.

How you’ll spend your day

As part of the wider Information Security function, you will play a key role in strengthening application security across the organisation. Working closely with engineering, architecture, and delivery teams, you’ll help ensure applications are designed, developed, and deployed with security at the forefront.

Your responsibilities will include:

• Designing and evolving the organisation’s application security testing strategy, tooling, and secure coding standards
  
  
• Performing advanced manual and automated security testing, including static and dynamic analysis to identify vulnerabilities and logical flaws
  
  
• Conducting risk assessments, threat modelling, and security design reviews to ensure robust controls are in place
  
  
• Partnering with software development and architecture teams to embed security throughout the secure development lifecycle
  
  
• Leading the security review process across projects to ensure risks are identified and mitigated early
  
  
• Designing and owning software supply chain assurance processes to identify and manage potential vulnerabilities
  
  
• Contributing to and improving security testing methodologies and best practices
  
  
• Mentoring junior members of the team and providing technical leadership on security matters
  
  
• Identifying opportunities to automate manual security processes and implement tooling to improve efficiency
  
  
• Supporting the organisation’s adoption of AI-enabled security processes to enhance detection and response capabilities
  
  What you’ll bring to this role
  
  We’re looking for an experienced application security professional who combines strong technical expertise with the ability to collaborate effectively across teams.
  
  Key experience and skills include:
  
  
• Strong hands-on experience with application security testing, including automated, dynamic, and static testing tools, as well as manual vulnerability assessment
  
  
• Deep understanding of OWASP principles and frameworks, including their use within threat modelling and secure development practices
  
  
• Experience assessing both proprietary and open-source applications for security risks
  
  
• Knowledge of secure development lifecycles and integrating security into engineering workflows
  
  
• Experience working with CI/CD pipelines and associated security tooling
  
  
• Strong technical understanding of code analysis and vulnerability remediation
  
  
• Experience using structured methodologies for web application security testing and reporting
  
  
• Ability to mentor team members and provide technical leadership
  
  
• Excellent communication and documentation skills, with the ability to explain security risks to technical and non-technical stakeholders
  
  You’ll also bring a proactive mindset, a passion for improving security practices, and a collaborative approach to working with development and infrastructure teams.
  
  Perks & Benefits:
  
  
• Performance-Based Bonus - Annual bonus paid in two instalments (April & September), based on company and personal performance.
  
  
• Pension Scheme - Employer-matched contributions of up to 7.5%.
  
  
• Hybrid Working - Minimum 2 days per week in the office, with flexibility on which days.
  
  
• Flexible Working Hours - 40-hour workweek with flexibility in how hours are structured.
  
  
• Generous Annual Leave - 25 days holiday + your birthday off, plus bank holidays. Option to buy or sell up to 5 additional days.
  
  
• Free Gym Membership - Available to all employees.
  
  What happens next?
  
  One of our Recruitment Consultants will be in touch and inform you if you’ve been successful to the next stage of the process or not, which is a qualification call where we will tell you more about the role and the client, and understand more about you, your experience and career aspirations.
  
  Should we both wish to proceed, we will submit your details to the client and be in touch regarding the outcome and any further steps.
  
  The interview process for this client consists of:
  
  
• Stage 1 – 60-90 minutes technical and competency interview via MS Teams
  
  
• Stage 2 – 60-minute interview with hiring manager and head of department focussed on exploring soft skills.
  
  Equal Opportunities
  
  We are committed to providing equal opportunities for all candidates and welcome applications from individuals regardless of age, disability, gender identity, marital status, race, religion or belief, sexual orientation, or any other characteristic protected by law. As an employment agency for permanent and contract hires, we are dedicated to promoting a diverse and inclusive workforce, and we encourage applications from underrepresented groups to drive innovation and equality within the workplace.
  
  Should you require any reasonable adjustments please let us know so we can accommodate for any interactions with us at Biometric Talent, but also inform the client to ensure reasonable adjustments are made to allow for a fair and equitable process