We’re looking for an experienced Application Security Technical Lead to own and run application security across MedHealth.
This is a hands-on role responsible for operating and continuously improving an established AppSec capability — ensuring security practices, tooling and processes are effectively embedded into development workflows.
You will work across multiple applications and development teams, each with varying levels of application security maturity, tailoring your approach to uplift capability while maintaining delivery alignment.
Key responsibilities
- Own and operate application security across the SDLC
- Identify and assess application security risks, partnering with Engineering teams on remediation
- Perform secure code reviews (primarily .NET) and support secure development practices
- Lead threat modelling and security assessments across applications and automation workflows
- Adapt security practices to suit different team maturity levels, balancing uplift, standardisation and delivery needs
- Own and optimise AppSec tooling (SAST, DAST, SCA) across CI/CD pipelines
- Ensure effective security testing without impacting delivery velocity
- Own vulnerability visibility, prioritisation and reporting
- Define and apply secure design and development standards
- Establish Security Champions across development teams
- Mentor developers and uplift secure coding capability across teams