Techfellow Limited
Lead Application Security Engineer | Technology-Enriched Investment Firm
Techfellow Limited, New City, New York, United States, 10956
Lead Application Security Engineer | Technology-Enriched Investment Firm
Lead Application Security Engineer | Technology-Enriched Investment Firm
1 day ago Be among the first 25 applicants [Up to c. $375k Comp Package (or equivalent) | Hybrid Working] We’re supporting a globally respected investment firm on the build-out of a greenfield Application Security function. With cloud-native infrastructure, modern DevOps practices, and executive-level buy-in, the firm is investing in a long-term AppSec roadmap - and now they’re seeking a hands-on technical lead to own its implementation from the ground up. This is a senior opportunity for someone who’s ready to shape, build, and run a full-stack DevSecOps environment - educating developers, embedding testing and automation into CI/CD pipelines, and influencing how secure software is delivered across the business. It’s ideal for someone with a development background who’s since moved into security, and who understands the pressures engineers face. You’ll be given autonomy and influence - but also expected to bring clarity, energy, and leadership to make it happen... Key Responsibilities Lead the design, delivery, and evolution of a new application security programme, reviewing the existing roadmap and working with the Head of DevOps and CTO to gain alignment and sign-off Act as a subject matter expert on secure development - advising engineers, promoting best practices, and embedding security into CI/CD workflows without blocking productivity Partner with DevOps teams to ensure secure automation across infrastructure and application layers, aligning closely with platform and tooling standards Manage, deploy, and optimise security tools across the pipeline - including SAST, DAST, SCA, OSS scanning, and dependency management Define and maintain AppSec standards, policies, and documentation to support scalable adoption across engineering teams Build developer-friendly guidance and training that encourages secure coding habits, threat awareness, and proactive risk mitigation Stay ahead of emerging threats and trends in application security - providing input on tooling decisions, framework updates, and control enhancements Act as the escalation point for complex security issues in the SDLC, advising on risk, controls, and code-level mitigations when needed What You’ll Bring... 6+ years’ experience in software development, DevOps, or security engineering - with a focus on secure software delivery Strong development background - able to read and support code in multiple languages and relate to the demands of modern engineering teams Demonstrated expertise across DevSecOps tools and practices - including CI/CD security integration and automation Experience managing CI/CD platforms (GitHub, Jenkins, GitLab CI/CD, Azure DevOps) at a systems or server level Solid grasp of IaC (Infrastructure-as-Code) tooling such as Terraform or CloudFormation Skilled in scripting and automation using Python, Bash, or similar Hands-on experience with cloud infrastructure (AWS essential, Azure/GCP a bonus) and container orchestration (Docker, Kubernetes) Strong understanding of secure architecture principles and frameworks - NIST CSF, ISO27001, SOC 2, etc. Excellent communication skills - able to influence senior stakeholders, translate security concerns, and build trust across technical teams (Preferred) Prior experience working in fast-paced financial environments or building AppSec programmes from the ground up (Preferred) Relevant certifications (e.g. OSWE, CSSLP, CISSP, or equivalent) ... Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Engineering, Information Technology, and Finance Industries Capital Markets, Investment Management, and Financial Services Referrals increase your chances of interviewing at Techfellow Limited by 2x Get notified about new Application Security Engineer jobs in
New City, NY . Greenwich, CT $140,000.00-$180,000.00 1 month ago Software Engineer Intern, AI/LLM Initiative
Software Engineer / Quant Research Developer - Trading Applications (Python/Java)
Yonkers, NY $110,000.00-$120,000.00 2 weeks ago Hackensack, NJ $55,000.00-$70,000.00 3 days ago Purchase, NY $106,400.00-$178,100.00 2 days ago Purchase, NY $106,400.00-$178,100.00 2 weeks ago Greenwich, CT $155,000.00-$175,000.00 1 month ago Purchase, NY $106,400.00-$178,100.00 2 days ago Purchase, NY $106,400.00-$178,100.00 2 weeks ago Old Greenwich, CT $150,000.00-$250,000.00 2 weeks ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
Lead Application Security Engineer | Technology-Enriched Investment Firm
1 day ago Be among the first 25 applicants [Up to c. $375k Comp Package (or equivalent) | Hybrid Working] We’re supporting a globally respected investment firm on the build-out of a greenfield Application Security function. With cloud-native infrastructure, modern DevOps practices, and executive-level buy-in, the firm is investing in a long-term AppSec roadmap - and now they’re seeking a hands-on technical lead to own its implementation from the ground up. This is a senior opportunity for someone who’s ready to shape, build, and run a full-stack DevSecOps environment - educating developers, embedding testing and automation into CI/CD pipelines, and influencing how secure software is delivered across the business. It’s ideal for someone with a development background who’s since moved into security, and who understands the pressures engineers face. You’ll be given autonomy and influence - but also expected to bring clarity, energy, and leadership to make it happen... Key Responsibilities Lead the design, delivery, and evolution of a new application security programme, reviewing the existing roadmap and working with the Head of DevOps and CTO to gain alignment and sign-off Act as a subject matter expert on secure development - advising engineers, promoting best practices, and embedding security into CI/CD workflows without blocking productivity Partner with DevOps teams to ensure secure automation across infrastructure and application layers, aligning closely with platform and tooling standards Manage, deploy, and optimise security tools across the pipeline - including SAST, DAST, SCA, OSS scanning, and dependency management Define and maintain AppSec standards, policies, and documentation to support scalable adoption across engineering teams Build developer-friendly guidance and training that encourages secure coding habits, threat awareness, and proactive risk mitigation Stay ahead of emerging threats and trends in application security - providing input on tooling decisions, framework updates, and control enhancements Act as the escalation point for complex security issues in the SDLC, advising on risk, controls, and code-level mitigations when needed What You’ll Bring... 6+ years’ experience in software development, DevOps, or security engineering - with a focus on secure software delivery Strong development background - able to read and support code in multiple languages and relate to the demands of modern engineering teams Demonstrated expertise across DevSecOps tools and practices - including CI/CD security integration and automation Experience managing CI/CD platforms (GitHub, Jenkins, GitLab CI/CD, Azure DevOps) at a systems or server level Solid grasp of IaC (Infrastructure-as-Code) tooling such as Terraform or CloudFormation Skilled in scripting and automation using Python, Bash, or similar Hands-on experience with cloud infrastructure (AWS essential, Azure/GCP a bonus) and container orchestration (Docker, Kubernetes) Strong understanding of secure architecture principles and frameworks - NIST CSF, ISO27001, SOC 2, etc. Excellent communication skills - able to influence senior stakeholders, translate security concerns, and build trust across technical teams (Preferred) Prior experience working in fast-paced financial environments or building AppSec programmes from the ground up (Preferred) Relevant certifications (e.g. OSWE, CSSLP, CISSP, or equivalent) ... Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Engineering, Information Technology, and Finance Industries Capital Markets, Investment Management, and Financial Services Referrals increase your chances of interviewing at Techfellow Limited by 2x Get notified about new Application Security Engineer jobs in
New City, NY . Greenwich, CT $140,000.00-$180,000.00 1 month ago Software Engineer Intern, AI/LLM Initiative
Software Engineer / Quant Research Developer - Trading Applications (Python/Java)
Yonkers, NY $110,000.00-$120,000.00 2 weeks ago Hackensack, NJ $55,000.00-$70,000.00 3 days ago Purchase, NY $106,400.00-$178,100.00 2 days ago Purchase, NY $106,400.00-$178,100.00 2 weeks ago Greenwich, CT $155,000.00-$175,000.00 1 month ago Purchase, NY $106,400.00-$178,100.00 2 days ago Purchase, NY $106,400.00-$178,100.00 2 weeks ago Old Greenwich, CT $150,000.00-$250,000.00 2 weeks ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr