Application Security Team Lead

Your role at Exness:

As Application Security Team Lead, you will own the vision and execution of secure software development practices across the company. You will lead the Application Security team with a strong focus on protecting business-critical applications, building scalable security frameworks, supporting secure SDLC, and ensuring compliance with industry standards. You will partner with engineering, QA, DevOps, and business teams to continuously improve application security across in-house and 3rd-party solutions.

You will:

• Build and lead a high-performing application security team with deep expertise, a continuous delivery mindset, and measurable impact.
• Integrate security best practices, tools, and controls into all stages of the software development lifecycle (SDLC).
• Develop a scalable approach for defect management, vulnerability triage, and threat modeling across products.
• Standardise and improve application-level security monitoring and logging for in-house and SaaS/PaaS environments.
• Automate security controls and develop meaningful security metrics for transparency and accountability.
• Drive internal education programs and build the internal and external application security brand of Exness.
• Develop and manage a company-wide bug bounty program and related external engagement.
• Act as a trusted advisor to engineering teams and participate in architecture reviews and security risk assessments.

What makes you a great fit:

• Bachelor’s degree in Computer Science, Cybersecurity, or related technical field.
• 8+ years of total experience in IT or cybersecurity.
• 2+ years of hands-on application security engineering experience.
• 3+ years in a leadership role within application security or broader cybersecurity.
• Experience leading teams and building secure SDLC processes in tech companies.
• Strong understanding of OWASP methodologies, secure coding practices, authentication & authorization frameworks.
• Familiarity with programming languages, software architecture patterns, and applied cryptography.
• Understanding of container and cloud-native security principles.
• Knowledge of web, mobile, and system-level application security specifics.
• Deep analytical and critical thinking skills.
• Strong team leadership and mentorship abilities.
• Excellent collaboration across functions (engineering, QA, DevOps, product).
• Ownership mindset with proactive initiative-taking and continuous improvement.

Advantages: 

• Security certifications such as OSCP, CREST, or similar are a plus.
• Experience working with high-load SaaS platforms.
• Experience with bug bounty programs and offensive security techniques.

What we offer along the way:

• Competitive and attractive compensation
• Extensive learning opportunities, such as professional training and certifications, soft skills development, free English courses, and trading workshops
• Flight tickets to Cyprus, hotel or apartment accommodation for your first month, migration support, and legal help for you and your family
• Health and life insurance for employees, spouses, and children, including vaccinations, tests, mental health care, and coverage for vision and dental care
• Generous time off, including 21 days of annual leave and paid sick leave
• Education allowance for your children’s school and kindergarten fees 
• Access to our very own sports club with dedicated coaches, free Sanctum Club memberships for you and your spouse, corporate SUPs, jet skis, etc. 
• A branded company car with a parking space near the office
• Outstanding team-building experiences and Exness community gatherings

Please submit your application no later than 15 August 2025.