Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join us as a Security Engineer to enhance application security and embed secure practices in our software lifecycle.
- Company: IFX Payments is a leading global provider of foreign exchange and payment solutions, focused on service-led banking.
- Benefits: Enjoy 25 days annual leave, healthcare plans, discounts, life insurance, and opportunities for career growth.
- Why this job: Be part of a high-performance team that values your contributions and supports your professional development.
- Qualifications: Experience in application security, knowledge of OWASP, and familiarity with cloud platforms and CI/CD pipelines required.
- Other info: This role is hybrid based in central London; eligibility to work in the UK is necessary.
The predicted salary is between 36000 - 60000 £ per year.
About IFX Payments
We\’re an award-winning global provider of foreign exchange and payment solutions. At IFX, our mission is to become the number one service-led alternative banking partner in EMEA for corporates and Financial Institutions that add value beyond the transaction. We have one guiding principle: to
Win. Properly.
What we offer
Everyone at IFX Payments has a meaningful and impactful role to play in helping us achieve that goal. We take pride in the quality of our work but balance that with the speed, intent, tenacity, and focus needed to win. We\’re a high-performance team who can trust each other as individuals to get the job done so we can be successful together.
Being part of IFX Payments, you\’ll receive every opportunity to thrive in your role to contribute to that success. We\’ll invest in you along the way to genuinely help you grow and take your career to new and exciting places. You\’ll work alongside experienced industry leaders, receive guidance from pioneering performance coaches and have the option to gain qualifications in your field that help you realise your ambitions. In exchange, we don\’t expect anything extra from you during your time here. We only ask you to do one thing:
Make it count.
Benefits
- 25 days of annual leave + bank holidays and your birthday off.
- Pension auto-enrolment with salary sacrifice contributions.
- Healthcare cash plan including support for dental, physio and therapies.
- Discounts on fitness, cinema discounts, shopping, travel, entertainment and more!
- Life Insurance.
- Work abroad.
- Cycle to work.
- Nursery fees salary exchange.
- Employee Assistant Programme
- Career progression with excellent training and development.
- Company events – Pub nights, sporting events, seasonal parties, socials
Overview of the role
IFX Payments is seeking a technically skilled and proactive Application Security Engineer to embed secure development practices across its software delivery lifecycle. This role is critical in reducing application-layer risks, implementing secure coding standards, and ensuring that threat modelling and architecture reviews are consistently applied across all development efforts.
You will work closely with engineering, and platform teams to integrate security into CI/CD pipelines, automate vulnerability detection, and drive continuous improvement in application security posture.
Responsibilities
Secure Development Lifecycle (SDLC)
- Embed security controls into CI/CD pipelines and development workflows.
- Implement and manage SAST, DAST, and SCA tools to detect vulnerabilities early in the lifecycle
- Conduct secure code reviews and support developers in remediating findings.
Threat Modelling & Architecture Review
- Lead threat modelling sessions using standard methodologies to identify design flaws
- Review application architectures to ensure alignment with security objectives and mitigation of common threats.
- Maintain and update reference architectures based on threat modelling insights.
Tooling & Automation
- Deploy and manage application security tools and integrate them with existing platforms.
- Automate security tasks using scripting (e.g., Python, PowerShell) or SOAR platforms.
Governance & Compliance
- Ensure alignment with ISO 27001, FCA, and NIST standards.
- Contribute to audit readiness and support compliance automation platforms such as Drata
Collaboration & Training
- Work with engineering teams to promote secure coding practices.
- Support the rollout of role-based security training and awareness initiatives.
- Act as a security champion within development squads and mentor junior engineers.
Requirements
- Broad experience in application security or secure software development.
- Strong understanding of OWASP Top 10, secure coding techniques, and threat modelling.
- Experience with security tools such as SAST, DAST, SCA, and vulnerability scanners.
- Familiarity with cloud platforms (Azure or AWS), CI/CD pipelines, and DevOps practices.
- Knowledge of regulatory frameworks (ISO 27001, FCA, NIST).
- Excellent communication skills and ability to work cross-functionally.
- Experience in fintech or regulated environments.
- Certifications such as OSCP, CSSLP, or CISSP.
- Familiarity with compliance automation platforms (e.g., Drata).
- Exposure to legacy system security challenges and modernisation strategies.
- A true team player with a winning mentality and strong work ethic committed to continuous improvement and high performance.
- Adaptable, tenacious and flexible who is able to perform under pressure.
Diversity & Inclusion
We believe that diversity and inclusion are essential to our success. We are committed to fostering a culture where everyone feels valued and respected, regardless of their background, identity or experiences. By embracing diverse perspectives and promoting equity, we aim to create an environment where all employees can perform and reach their full potential.
Additional Information
– We work on a hybrid basis from our office in central London.
– You must be eligible to work in the UK to be considered for this position.
– Full background check will be carried out. #J-18808-Ljbffr
Security Engineer - Application Security employer: IFX Payments
Contact Detail:
IFX Payments Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Engineer - Application Security
✨Tip Number 1
Familiarise yourself with the OWASP Top 10 and secure coding techniques. Being well-versed in these areas will not only help you during interviews but also demonstrate your commitment to application security.
✨Tip Number 2
Engage with the fintech community by attending relevant meetups or webinars. Networking with professionals in the field can provide insights into industry trends and may even lead to referrals for job openings.
✨Tip Number 3
Showcase your experience with CI/CD pipelines and automation tools in your discussions. Highlighting your practical knowledge in integrating security into development workflows will set you apart from other candidates.
✨Tip Number 4
Prepare to discuss your experience with compliance frameworks like ISO 27001 and NIST. Understanding these regulations is crucial for the role, and being able to articulate your knowledge will impress potential employers.
We think you need these skills to ace Security Engineer - Application Security
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in application security and secure software development. Emphasise your familiarity with OWASP Top 10, secure coding techniques, and any specific tools you've used like SAST or DAST.
Craft a Strong Cover Letter: In your cover letter, express your passion for application security and how your skills align with IFX Payments' mission. Mention specific projects where you've successfully implemented security measures or improved security postures.
Showcase Relevant Certifications: If you have certifications such as OSCP, CSSLP, or CISSP, make sure to include them prominently in your application. This demonstrates your commitment to the field and enhances your credibility.
Highlight Collaboration Skills: Since the role involves working closely with engineering teams, emphasise your ability to collaborate and communicate effectively. Provide examples of how you've supported developers in remediating security findings or led training initiatives.
How to prepare for a job interview at IFX Payments
✨Understand the Secure Development Lifecycle
Familiarise yourself with the Secure Development Lifecycle (SDLC) and be prepared to discuss how you would embed security controls into CI/CD pipelines. Highlight any previous experience you have in implementing secure coding standards and conducting secure code reviews.
✨Showcase Your Knowledge of OWASP
Make sure you can articulate your understanding of the OWASP Top 10 vulnerabilities. Be ready to provide examples of how you've addressed these issues in past projects, as this will demonstrate your practical knowledge in application security.
✨Discuss Tooling and Automation Experience
Be prepared to talk about your experience with security tools such as SAST, DAST, and SCA. If you've automated security tasks using scripting languages like Python or PowerShell, share specific examples to illustrate your technical skills.
✨Emphasise Collaboration and Training Skills
Since the role involves working closely with engineering teams, highlight your ability to promote secure coding practices and mentor junior engineers. Discuss any previous experiences where you've successfully rolled out training initiatives or acted as a security champion.
