Application Security Architect (Manchester)

Location: Manchester, England, United Kingdom

Department: COO

Workplace: hybrid

Employment Type: full

Description

Insight Investment is looking for an Application Security Architect to join our Cyber Security team in Manchester. This role focuses on embedding security into the software development lifecycle and driving DevSecOps practices across engineering teams. The ideal candidate will have a strong technical background in application security, secure coding, and automation within CI/CD pipelines.

Role Responsibilities

• Collaborate with development, DevOps, and architecture teams to integrate security into the SDLC
• Design and implement secure coding practices and threat modelling processes
• Lead the integration of security tools into CI/CD pipelines (e.g., SAST, DAST, SCA, IAST)
• Conduct security assessments of applications, APIs, and microservices
• Develop and maintain security standards, guidelines, and automation scripts
• Provide guidance on secure design patterns and architecture decisions
• Promote a DevSecOps culture and continuous security improvement across development and architecture team

Experience Required

• Strong understanding of application security principles (e.g., OWASP Top 10, CWE).
• Experience with secure coding in languages such as Java, Python, JavaScript, or .NET. (.NET and Python are preferable)
• Hands-on experience with one of each or more security tools:

• Static Analysis (SAST): Veracode (preferable), Checkmarx, Fortify, etc.
• Dynamic Analysis (DAST): Veracode (preferable), Burp Suite, OWASP ZAP, etc.
• Software Composition Analysis (SCA): Veracode (preferable), Snyk, Black Duck, etc.
• Container Security: Aqua Security (preferable), Prisma Cloud, etc.

• Familiarity with CI/CD tools (e.g., Github Actions, Teamcity, Octopus, Azure DevOps)
• Knowledge of containerised environments and their security best practices (Docker, Kubernetes)
• Knowledge of cloud security (Azure) and infrastructure-as-code (Terraform, CloudFormation)
• (Preferable) Experience with threat modeling tools (e.g., Threat Dragon, IriusRisk)

Insight is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of background, circumstances, age, disability, gender identity, ethnicity, religion or belief and sexual orientation. If you are a candidate with a disability, or are assisting a candidate with a disability, and require an accommodation to apply for one of our jobs, please email us at [email protected]

About Insight Investment

Insight Investment is a leading asset manager focused on designing investment solutions to meet its clients' needs. Founded in 2002, Insight's collaborative approach has delivered both investment performance and growth in assets under management. Insight manages assets across its core liability-driven investment, risk management, full-spectrum fixed income, currency and absolute return capabilities. Insight has a global network of operations in the UK, Ireland, Germany, US, Japan and Australia. More information about Insight Investment can be found at: https://www.insightinvestment.com/corporate/