Application Security Lead/ 9 months Contract/ Fully Remote

Application Security Lead - Up to £675 per day 9 months contract- Inside IR35 Fully Remote UK based CBTR is working with a leading enterprise client to hire an experienced Application Security Lead to own and evolve their application security capability across the full software development lifecycle. This is a senior, hands-on role focused on embedding secure-by-design principles, reducing risk exposure, and strengthening cyber resilience across modern, cloud and API-driven environments. You’ll work at the intersection of security, engineering, and business teams, ensuring application risks are clearly understood, prioritised, and effectively managed. Required Skills: Strong experience in Application Security, DevSecOps, or Secure Software Engineering Deep understanding of OWASP Top 10 and exploitation techniques Hands-on experience with SAST, DAST, and SCA tools Experience integrating security into CI/CD and SDLC Cloud experience (AWS and/or Azure) Ability to translate technical risk into clear business impact Strong stakeholder management and influencing skills Ability to communicate complex security concepts clearly and effectively Experience securing cloud-native or SaaS platforms Understanding of AI/ML security risks Familiarity with Terraform, or other IaC tooling Knowledge of frameworks such as NIST or ISO27001 Knowledge of authentication and authorisation frameworks (OAuth2, OIDC, SAML, RBAC/ABAC) Experience in large-scale enterprise & regulated environments Desirable Certifications: CISSP CEH OSCP / OSWE Security+ Apply To This Job