Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Secure web applications through hands-on technical work and automation.
- Company: Global tech organisation with a large in-house engineering team.
- Benefits: Up to £80,000 salary, performance bonuses, hybrid working, and generous leave.
- Why this job: Make a real impact on application security while enjoying autonomy and technical challenges.
- Qualifications: Strong coding skills in Golang/Python and proven application security experience.
- Other info: Join a dynamic team focused on innovation and collaboration.
The predicted salary is between 48000 - 64000 £ per year.
Permanent Location: Manchester (Hybrid minimum 2 days per week onsite)
Salary: up to £80,000
Car Allowance
Bonus Scheme
About the Client
Our client is a global technology-led organisation operating at significant scale, with a large in-house engineering function delivering high-traffic, business-critical web applications. Their application security team plays a pivotal role in protecting platforms built by over 1,000 developers, working in a fast-paced, engineering-driven environment. The team is evolving rapidly, moving away from manual security processes towards automation, bespoke tooling and closer collaboration with development teams. This role offers genuine autonomy, technical challenge and the opportunity to influence application security at scale.
How you'll spend your day
As a Senior Application Security Engineer, you'll sit at the intersection of development and security, helping to secure internally built web applications through hands-on technical work, automation and strong developer engagement. You'll be trusted to operate with autonomy, shaping how application security is delivered across the organisation.
Key responsibilities include:
- Reviewing application code to identify and remediate security vulnerabilities across modern web applications
- Performing and supporting web application penetration testing, focused on real-world risk rather than tick-box security
- Designing, building and improving security tooling and automation for tasks such as code review and vulnerability detection
- Working closely with developers to advise on secure design, remediation approaches and best practice
- Supporting the shift from manual-heavy processes to scalable, automated and AI-assisted security workflows
- Acting as a senior technical voice within the team, contributing to decisions, mentoring others and influencing direction
- Participating in on-call activity as required, supporting high-availability systems
What you'll bring to this role
This role suits a senior, hands-on security professional with a strong development background who enjoys solving complex problems and engaging directly with engineers. You'll bring:
- Strong coding experience, particularly in Golang and/or Python (experience with .NET also beneficial)
- Proven application security experience, with a focus on web application vulnerabilities rather than infrastructure-only security
- Hands-on experience with code review, penetration testing, and identifying issues such as XSS, SQL injection and logic flaws
- Experience building or improving security automation and tooling (DevSecOps mindset)
- Familiarity with tools such as Burp Suite, SAST/DAST tools, GitHub/GitLab, Linux and Docker
- The confidence and communication skills to work with large, opinionated developer groups and challenge constructively
- A pragmatic, delivery-focused mindset suited to a fast-moving, commercial environment
- Security certifications (e.g. OSCP, OSWE, DevSecOps) are desirable but not essential; practical capability matters more
Perks & Benefits:
- Performance-Based Bonus: Annual bonus paid in two instalments (April & September), based on company and personal performance.
- Pension Scheme: Employer-matched contributions of up to 7.5%.
- Hybrid Working: Minimum 2 days per week in the office, with flexibility on which days.
- Flexible Working Hours: 40-hour workweek with flexibility in how hours are structured.
- Generous Annual Leave: 25 days holiday + your birthday off, plus bank holidays. Option to buy or sell up to 5 additional days.
- Free Gym Membership: Available to all employees.
No Visa Sponsorship Available for this role.
What happens next?
One of our Recruitment Consultants will be in touch and inform you if you've been successful to the next stage of the process or not, which is a qualification call where we will tell you more about the role and the client, and understand more about you, your experience and career aspirations. Should we both wish to proceed, we will submit your details to the client and be in touch regarding the outcome and any further steps. The interview process for this client consists of:
- Stage 1: Remote 60-90 minutes technical interview involving a code review.
- Stage 2: Onsite 60 minute interview focussed on CV background and culture.
Equal Opportunities
We are committed to providing equal opportunities for all candidates and welcome applications from individuals regardless of age, disability, gender identity, marital status, race, religion or belief, sexual orientation, or any other characteristic protected by law. As an employment agency for permanent and contract hires, we are dedicated to promoting a diverse and inclusive workforce, and we encourage applications from underrepresented groups to drive innovation and equality within the workplace. Should you require any reasonable adjustments please let us know so we can accommodate for any interactions with us at Biometric Talent, but also inform the client to ensure reasonable adjustments are made to allow for a fair and equitable process.
Senior Application Security Specialist in Manchester employer: BIOMETRIC TALENT
Contact Detail:
BIOMETRIC TALENT Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Application Security Specialist in Manchester
✨Tip Number 1
Network like a pro! Reach out to your connections in the tech world, especially those in application security. A friendly chat can lead to insider info about job openings or even referrals that could give you a leg up.
✨Tip Number 2
Prepare for technical interviews by brushing up on your coding skills, especially in Golang and Python. Practice common security vulnerabilities like XSS and SQL injection, so you can showcase your expertise when it counts.
✨Tip Number 3
Don’t underestimate the power of a good follow-up! After interviews, send a quick thank-you note to express your appreciation and reiterate your interest in the role. It keeps you fresh in their minds!
✨Tip Number 4
Apply through our website for the best chance at landing that Senior Application Security Specialist role. We’re all about making connections and helping you find the right fit, so don’t miss out!
We think you need these skills to ace Senior Application Security Specialist in Manchester
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the skills and experiences that align with the Senior Application Security Specialist role. Highlight your coding experience, especially in Golang and Python, and any relevant security certifications you might have.
Craft a Compelling Cover Letter: Use your cover letter to tell us why you're passionate about application security. Share specific examples of how you've tackled web application vulnerabilities and your approach to automation and tooling.
Showcase Your Technical Skills: In your application, don't shy away from mentioning your hands-on experience with code reviews and penetration testing. We want to see how you've identified issues like XSS or SQL injection in past projects.
Apply Through Our Website: We encourage you to apply directly through our website for a smoother process. This way, we can ensure your application gets the attention it deserves and you can easily track your progress!
How to prepare for a job interview at BIOMETRIC TALENT
✨Know Your Code Inside Out
As a Senior Application Security Specialist, you'll need to demonstrate your coding prowess. Brush up on Golang and Python, and be ready to discuss your past projects. Prepare to explain how you've identified and remediated vulnerabilities in your code.
✨Showcase Your Security Mindset
Be prepared to talk about real-world application security challenges you've faced. Discuss specific vulnerabilities like XSS or SQL injection that you've encountered and how you tackled them. This will show your hands-on experience and understanding of the field.
✨Familiarise Yourself with Tools
Make sure you're comfortable discussing tools like Burp Suite, SAST/DAST tools, and GitHub/GitLab. If you've built or improved security automation, have examples ready to share. This will highlight your DevSecOps mindset and technical capabilities.
✨Engage with Developers
Since this role involves working closely with developers, practice articulating your thoughts clearly and constructively. Think of ways to demonstrate your ability to advise on secure design and best practices, as well as how you can influence and mentor others in the team.
