Information Security Specialist Technical Lead

Stoke-on-Trent Technology

As an Information Security Specialist Technical Lead, you will lead the team on securing our applications through best practice development lifecycle controls, penetration testing and tooling.

Full-time

Closes 18/02/2026

The Application Security team deal with the security of closed sourced, open source and proprietary applications. It is the team’s mission to ensure applications are developed and implemented in a secure manner and any risks are found and remediated efficiently.

The role is part of the broader Information Security team that utilise enterprise and bespoke tooling to identify and mitigate threats, safeguarding the Business. In this role, you will structure and design our application security testing strategy, tooling and secure coding guidelines.

You will work alongside departments across the Business to ensure application-based vulnerabilities are understood and mitigated. It is paramount to possess an understanding of secure development lifecycles and the assessment of code.

We utilise AI to enhance our existing security processes and practices, embracing the advantages it brings. You will play a key lead role in our journey to leverage this powerful technology in strengthening our application security.

Excellent understanding and demonstrable experience with automated, dynamic and static application security testing tools, as well as manual security testing to find vulnerabilities and logical issues.

Advanced knowledge and understanding of OWASP and its utilisation within threat modelling.

Appropriate certifications demonstrating your security experience, such as OSCP, OSWE, CSSLP.

Experience of software development and designing, building and maintaining in house tooling.

Working knowledge of CI/CD pipelines and security tooling associated with them.

Demonstrable experience in using structured methodologies for conducting and reporting on web application testing.

Strong communication and documentation skills.

Ability to lead a team from a technical perspective.

Providing mentorship to junior team members.

Leading the project process to ensure that information security aspects are considered up front and throughout the project lifecycle and ensure tooling is appropriate.

Contributing to and continuously improving our security testing methodologies.

Performing advanced manual and automated code review and providing help with remediation.

Partnering with software development and architecture teams to ensure security is considered throughout the development lifecycle.

Designing and take ownership of our supply chain assurance processes to identify flaws and vulnerabilities.

Performing advanced risk assessments, threat modelling and design reviews to ensure effective security controls are in place.

Identifying opportunities for converting manual tasks into automated processes and identify tooling to support such automation.

Bonus

Eye care and Flu Vaccinations

Life Assurance

We are a unique global operator with passion and drive to be the best in the industry. Our values form the foundation of culture and shape the unique way that we work. People are our superpower and we support you to be the best you can be.