Application Security Lead

Andersen is hiring an Application Security Lead to build and lead an AppSec practice, define security services, drive delivery, and shape scalable application security solutions. 

Andersen is a European pre-IPO IT company uniting over 3,500 top-class professionals. For over 19 years, we have been helping enterprises and middle-sized firms worldwide transform their businesses by creating effective digital solutions using innovative technologies. 

Today, we are working with businesses from various parts of the world, including Western Europe, the USA, and Asia. Our expertise includes FinTech, Healthcare, Retail, Telecom, Media & Entertainment, Logistics, Travel & Hospitality, eCommerce, and other industries. 

Responsibilities: 

• Defining and structuring the Application Security service portfolio (pentesting, code reviews, AppSec consulting, SSDLC advisory, red teaming, etc.). 

• Designing and documenting delivery processes and methodologies. 

• Delivering AppSec services directly in early phases of the practice (hands-on work). 

• Interfacing clients to understand needs, propose services, and present results. 

• Building and managing a team of AppSec specialists (starting with 2). 

• Supporting sales and presales efforts, including service descriptions, SoWs, RFPs. 

• Ensuring quality, consistency, and scalability of delivery across AppSec engagements. 

• Collaborating with other practices (GRC, SOC, Cloud Security) to ensure integrated delivery. 

  
  

Must-haves: 

• Hands-on experience in Application Security for 6+ years, including penetration testing (web, mobile, APIs). 

• Strong experience with SSDLC, secure code review, and threat modeling. 

• Proficiency in AppSec tooling and CI/CD integration for security automation. 

• Previous experience in consulting, MSSP, or security services delivery. 

• Strong client-facing and communication skills. 

• Experience designing or leading AppSec projects, either as tech lead or service lead. 

• Understanding of modern development practices (DevOps, Agile).

• Level of English – from Upper-Intermediate+ and above. 

Nice-to-have: 

• Prior experience building or leading a security practice/team. 

• Red teaming or adversary simulation experience. 

• Certifications such as OSWE, GWAPT, CSSLP, or similar. 

Reasons why this job would be interesting to you: 

• Andersen cooperates with such companies as Siemens, Johnson & Johnson, AstraZeneca, BNP Paribas, Allianz, Ryanair, TUI, Verivox, Media Markt, etc.. 

• For the past four years, our company has been growing annually by 60–100%, and we constantly involve top-notch specialists in our team. 

• Andersen has mentoring and adaptation systems for new employees, and transparent performance review and assessment systems will allow you to determine your development path and plan your growth. 

• The most important thing that we value in our employees is a commitment to continuous learning. The company supports them in this and gives them access to the best educational platforms, seminars, and practices. In addition, for over 19 years, Andersen has assembled a huge knowledge base and established a robust resource management institution. 

• We have been strengthening our expertise since 2007. During this time, we have formed excellent teams with streamlined processes, where you can learn something new from your colleagues every day and enjoy your work. 

• We are a cool young team of like-minded people communicating informally. 

• You'll have a stable and competitive salary and an extensive benefits package. 

• At Andersen, we have many different ways to grow. You can improve as a specialist or a manager, and all your activities will be decently rewarded. 

  
  

Your personal data is protected in accordance with GDPR regulations. Learn more: https://andersenlab.com/privacy-policy/pl

Join us!