Lead Application Security Engineer
Simply Business

London, UK 27-04-2023
B Corp
We’re Simply Business

We insure small businesses and enable big dreams – not just for our customers, but for our people and communities too. With over 800,000 active insurance policies, we protect builders, bakers, landlords, and more than 1,000 other trades. 

We harness cutting-edge data ability, believe in experimentation, and build our own technology to deliver better experiences for our customers and employees. This means we’re as much a technology company as one that sells insurance. We build, we fail, we learn, we improve. We’re a B Corp too, which recognises our strong track record of having a positive impact on people, society and the environment.  

If Simply Business sounds like the kind of place you’ll thrive, we’d love to hear from you.

Application Security Lead to join us in London.

Reporting to the Head of Security Assurance you’ll play an important role in defining and delivering the roadmap and strategic objectives for the application security team. 

You’ll determine the role the application security team will play in our InfoSec strategic vision, and define and manage our quarterly plans. You’ll also be instrumental in assessing the application security risks SB faces and in ensuring that SB continues to operate a secure SDLC.

As the Application Security Lead you will:

    • lead the application security team and work with the head of security assurance to coordinate budget, effort, and resources 
    • have a deep understanding of cyber and application security risks to make sure the team’s effort is focused on mitigating the areas of highest risk to Simply Business 
    • act as the application security liaison with stakeholders across the business 
    • advise on the application security architecture of projects
    • work with the head of security assurance and be responsible for all application security tooling requirements
    • be responsible for the creation of metrics and reports
    • perform security risk analysis of Simply Business’s SDLC and the security risks faced by Simply Business
    • be responsible for the creation of documentation such as policies, procedures, standards, guidelines, and training
    • collaborate with technology teams to strengthen security of build pipelines

We are looking for an individual who:

    • has experience of performing the role of application security engineer and can demonstrate leadership skills with an understanding of strategy – with a broader business and security perspective
    • has a great work ethic and is able to demonstrate analytical and critical thinking 
    • is able to collaborate with multiple business units and has excellent listening and communication skills
    • has an understanding of software development either through previous experience or from working closely with software developers
    • has a detailed knowledge and understanding of the OWASP top 10 security risks
    • has a detailed understanding of cyber security risk and experience of managing risks throughout their lifecycle
    • is knowledgeable about web technologies and protocols such as HTTP, HTTPS, HTML, JavaScript, XML, WebSockets and JSON
    • has experience in performing code reviews and writing security tests (familiarity with JavaScript and Ruby preferred)
    • has experience working with DevOps teams and with agile workflows including Scrum and Kanban
    • has experience working with cloud technologies - preferably AWS tooling and services 
    • possesses knowledge of the National Institute of Standards and Technology (NIST) framework and International Organization for Standardization (ISO) requirements

Our culture is inclusive and diverse

We Embrace Individuality

We value what’s important to each and every SBer. Whether that be providing access to cutting edge wellbeing support, or being part of one of our many diversity networks and communities. We also take personal development seriously - we’re all about enabling big dreams.

We Trust Who We Hire

We empower SBers with choice and flexibility to make the right decisions based on the needs of their roles and we’ve been working this way long before Covid-19. There’s no one-size-fits-all solution when it comes to how often we get together in person, so all of our people and teams find the rhythm that suits them best when it comes to working from home or hub.

We’re Innovative

We've created a place for people to be curious, experience new things, and bring unique ideas to the table. If you want to learn how we do all this - head over to our Careers page where you’ll see us walk the talk.

Our mission is to make Simply Business synonymous with fairness, belonging and inclusivity. We won’t be happy until we’ve created a truly inclusive culture – where every employee, whatever their background, role, or location, feels comfortable being their authentic self at work.

We all have a part to play – to learn more, to do more and to go further – in building this new reality that’ll be befitting of the diversity of the customers we serve. At Simply Business, we’re all in.

What are the benefits?

At Simply Business, our benefits let you balance life and work properly:

• flexible parental leave – you can choose to take shared parental leave, plus we offer full pay for the first six months of your maternity leave and four-week fully paid paternity leave, subject to meeting the qualifying criteria
• remote working – more of us are currently working remotely than usual, but longer-term you can balance working remotely with working in the office, giving you the opportunity to connect with colleagues
• mental health and wellbeing resources – we take your wellbeing seriously, giving you access to counselling (through our Employee Assistance Programme) as well as technology to support your mental health (through the Unmind app)
• paid sabbatical – two weeks off when you’ve been here for five years and four weeks off when you’ve been here for 10, 15 & 20 years
• a dedicated learning platform – including a management and leadership programme – the platform lets you balance both work and life goals
• life event leave – where every UK SBer has an extra day of leave, every two years, to use for whatever purpose they want, whether that be for moving house, welcoming a new pet to your household or celebrating your birthday

And we compensate you fairly:

• a competitive salary that reflects your experience, our pay policy and the market we’re in from your first day
• the potential to earn an annual bonus based on business performance (those on commission-led roles will be rewarded monthly)
• we match what you put into your pension up to five per cent
• a health cash plan reimburses your everyday medical expenses (with the opportunity to increase the level of your plan in your flexible benefits)
• a generous holiday entitlement of 25 days annual leave, plus bank holidays, and an extra day of holiday every two years to use however you wish
• life assurance of four times your basic salary
• Smart Health services including unlimited access to a 24/7 virtual GP
• a flexible benefits scheme with an allocated allowance each year to choose from benefits including private medical insurance, dental insurance, travel insurance, up to five days extra holiday, and gym membership

These values are important to us and our people
• Learning
• Empowerment
• Authenticity
• Pioneering
• Simplicity

These all mean something unique to every person at Simply Business, but if you’re thinking about working here, give them some thought. They’re at the heart of our story.


Applications are now closed