Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead application security efforts, conduct risk assessments, and support development teams.
- Company: Holland & Barrett is a leading health and wellness retailer focused on digital transformation.
- Benefits: Enjoy 33 days holiday, private medical care, and a 25% discount on products.
- Why this job: Make a real impact in cybersecurity while working in a diverse and inclusive environment.
- Qualifications: 5+ years in application security and software development; strong communication skills required.
- Other info: Join a team that values wellbeing and offers career development opportunities.
The predicted salary is between 48000 - 72000 £ per year.
Senior Application Security Engineer (33957)
At Holland & Barrett, cybersecurity is at the heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If you are passionate about cybersecurity and eager to make a real impact, we want you on our team!
Key Responsibilities:
- Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development.
- Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management.
- Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls.
- Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams.
- Team Support: Provide guidance and support to development teams on secure software production practices and flaw mitigation strategies.
Key Requirements:
- 5+ years of experience in application security, with at least 3+ years in software development.
- Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms.
- Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization).
- Familiarity with Agile methodologies like SCRUM, along with proven project management skills to oversee multiple security projects simultaneously.
- Independent, proactive, and detail-oriented, with a commitment to maintaining high security standards.
- Strong communication and interpersonal skills, facilitating effective collaboration with both technical and non-technical teams.
What we offer:
- Pension company contribution = 3%
- Incentive scheme up to 10% of annual salary , based on company performance.
- Your wellbeing is paramount so you can get away and take 33Days Holiday per year .
- Private Medical Care (Self after 1 year)
- Learning and Development opportunity with Holland & Barrett is a great base for career development long term.
- Refer and Earn Scheme – as we\’re growing you can earn money by referring people to join us from your network.
- Epic Extras gives you access to exclusive benefits, free advice and savings from a range of retailers and providers.
- Stay healthy with Discounted Products – from day one you\’ll get a 25% discount (on top of other promotions) when you shop at H&B on anything that you buy.
- We all need a little help sometimes, so weoffer Free 24/7 Confidential Advice & Colleague Welfare .
- Mental Health First Aiders – we have lots of qualified Mental Health First Aiders because its all about your health & wellbeing.
- Stay active in the Onsite Gym at our Nuneaton Hub!
- We have colleague Reward and Recognition Schemes , so your hard work and loyalty won\’t go unnoticed.
- And many more!
We\’re passionate about helping every colleague thrive across all dimensions of wellbeing, and we\’re committed to having a diverse and inclusive workplace. In line with our EPIC values (Expertise, Pioneering, Inclusive, Caring), we embrace and actively celebrate all our colleagues\’ unique and varying experiences, backgrounds, identities and cultures – I am me, we are H&B.
Holland & Barrett does not accept unsolicited resumes from search firms/recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be responsible for any fees if a candidate submitted by a search firm/recruiter unless otherwise agreed with respect to specific open position(s).
Vacancy Alerts
Create an alert subscription based on this vacancy
#J-18808-Ljbffr
Senior Application Security Engineer employer: China-Britain Business Council
Contact Detail:
China-Britain Business Council Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Application Security Engineer
✨Tip Number 1
Familiarise yourself with Holland & Barrett's current application security practices and challenges. Research their recent projects or initiatives in cybersecurity to demonstrate your understanding of their needs during any discussions.
✨Tip Number 2
Network with professionals in the cybersecurity field, especially those who have experience in application security. Engaging with industry peers can provide insights into best practices and may even lead to referrals for the position.
✨Tip Number 3
Prepare to discuss specific examples from your past work that showcase your experience with secure coding practices and risk assessments. Being able to articulate your hands-on experience will set you apart from other candidates.
✨Tip Number 4
Stay updated on the latest trends and technologies in application security, particularly around AWS, Kubernetes, and API security. Showing that you are proactive about learning can impress the hiring team and demonstrate your commitment to the role.
We think you need these skills to ace Senior Application Security Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in application security and software development. Emphasise your understanding of secure coding practices, threat modelling, and any relevant technologies like AWS and Kubernetes.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for cybersecurity and your ability to lead security initiatives. Mention specific examples of how you've integrated security into the software development lifecycle in previous roles.
Highlight Relevant Experience: In your application, focus on your 5+ years of experience in application security. Detail your project management skills and your familiarity with Agile methodologies, as these are key requirements for the role.
Showcase Communication Skills: Since the role requires collaboration with both technical and non-technical teams, include examples of how you've effectively communicated complex security concepts to diverse audiences in your past positions.
How to prepare for a job interview at China-Britain Business Council
✨Showcase Your Technical Expertise
As a Senior Application Security Engineer, it's crucial to demonstrate your deep understanding of application security concepts. Be prepared to discuss secure coding practices, threat modelling, and vulnerability management in detail. Use specific examples from your past experience to illustrate your knowledge.
✨Highlight Collaboration Skills
Since the role involves working with both technical and non-technical teams, emphasise your ability to communicate complex security concepts clearly. Share instances where you've successfully collaborated with diverse teams to integrate security into product design and development.
✨Discuss Your Experience with Tools and Technologies
Familiarity with AWS, Kubernetes, and API security is essential for this position. Be ready to talk about your hands-on experience with these technologies and how you've used them to enhance application security in previous roles.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills in real-world situations. Think about potential security threats and how you would conduct risk assessments or implement security controls. This will showcase your proactive approach to application security.
