Senior Application Security Engineer

Senior Application Security Engineer

Full-Time No working from home possible
Additional Resources

Salary: £70,000 - 80,000 per year

Requirements

  • Previously worked as a Senior Application Security Engineer, Lead Application Security Engineer, Principal Application Security Engineer, Application Security Engineer, Senior Product Security Engineer, Product Security Engineer, Senior DevSecOps Engineer, DevSecOps Engineer, Application Security Consultant, or in a similar role.
  • Hands‑on experience embedding application security into the SDLC.
  • Experience securing APIs, internet‑facing services, Kubernetes environments, preferably AKS, and containerised environments.
  • Experience working with engineering teams and implementing security testing tools such as SAST, DAST, IAST, and SCA.
  • Knowledge of security automation, security‑as‑code, policy‑as‑code, and secure engineering practices including code review, testing, source control, and documentation.
  • Familiarity with CI/CD tools such as GitHub and GitHub Actions.
  • Highly skilled in Terraform and Python.
  • Strong understanding of Azure security controls and cloud security governance.
  • Experience with threat modelling in software engineering contexts.
  • Knowledge of ISO 27001 and its relevance to secure engineering.
  • Familiarity with Agile and DevSecOps methodologies.
  • Eligible to work in the UK.

Responsibilities

  • Work closely with engineering and architecture teams to promote secure development from the earliest stages of delivery.
  • Implement and maintain application security testing solutions, enabling developers to identify and remediate security risks.
  • Enhance secure development processes by integrating security controls throughout CI/CD pipelines.
  • Strengthen the security of GitHub Actions and comparable continuous integration and deployment platforms.
  • Provide technical guidance on secure API design and protecting externally accessible systems.
  • Support the security of Azure cloud infrastructure, including Azure Kubernetes Service (AKS).
  • Assist with the protection of cloud‑hosted data platforms and associated technologies.
  • Develop and maintain security‑as‑code and policy‑as‑code using appropriate tooling.
  • Automate security processes through infrastructure‑as‑code and scripting technologies.
  • Produce and maintain technical documentation, security procedures, and service documentation.
  • Support development teams with the adoption and integration of security tooling and best practices.
  • Contribute to wider cyber security initiatives, including threat modelling and compliance activities.

Technologies

  • API
  • Azure
  • CI/CD
  • Cloud
  • DevSecOps
  • GitHub
  • Support
  • Kubernetes
  • Python
  • Security
  • Terraform

More

We are a well-established health research organisation and charity that supports large-scale medical research to improve disease prevention, diagnosis, and treatment. This is a full‑time permanent Senior Application Security Engineer role on a hybrid basis with our Central London office. We offer a salary from £70,000 per annum and an excellent benefits package. Visa sponsorship is not available.

last updated 27 week of 2026

#J-18808-Ljbffr

Senior Application Security Engineer employer: Additional Resources

Join a forward-thinking company that values innovation and technical excellence, where as a Senior Platform Engineer, you will play a pivotal role in scaling a pioneering platform. With a strong emphasis on employee growth, collaborative work culture, and the opportunity to lead cutting-edge projects, this position offers a unique chance to make a meaningful impact in a dynamic environment. Located in a vibrant area, the company provides excellent benefits and fosters a culture of continuous learning and development.

Additional Resources

Contact Details:

Additional Resources Recruitment Team