At a Glance
- Tasks: Secure software delivery by embedding security across platforms and leading threat modelling.
- Company: Join a cutting-edge software supply chain company focused on secure software delivery.
- Benefits: Enjoy remote work options, flexible hours, and a collaborative culture.
- Why this job: Combine your passion for building and breaking to enhance software security and make a real impact.
- Qualifications: Experience in software development, application security, and tools like Python and AWS is essential.
- Other info: This role is remote within the Island of Ireland or the UK only.
The predicted salary is between £48,000 and £84,000 per year.
Some people like building things. Others like breaking them. You? You love both and more importantly, you love stopping bad actors from breaking the things you helped build. If that sounds like your vibe, we’ve got a job you’ll want to see. This job is with the software supply chain company - securing and powering how software gets delivered everywhere.
What you'll do:
- Embed security across the platform, from source to prod.
- Architect security controls across distributed, cloud-native systems.
- Lead threat modeling and security reviews (and get people to enjoy them).
- Pen-test services and infra (ethically, please).
- Extend security automation and monitoring with tools like CircleCI, GitHub Actions, DataDog, AWS Security Hub, etc.
- Harden everything from container runtimes to APIs to artifact pipelines.
- Write secure code, review other people’s code, and help everyone level up their secure coding game.
- Build tools, automate boring stuff, and occasionally drop a ‘sploity’ proof of concept for fun.
You need:
- A background in software development. At your core, you’re a software engineer. Python for sure and a bit of TypeScript never hurt anyone.
- Deep application security knowledge.
- Hands-on experience with SAST, DAST, RASP, and securing cloud (preferably AWS).
- Strong grasp of container security, API security, IaC, and CI/CD.
- You’ve done pen testing, threat modeling, and maybe even built some of your own security tools.
- Big bonus if you’ve secured artifact systems or supply chains before.
- Bigger bonus if you’ve worked with Firecracker, gVisor, or fancy things like SCA and data enclaves.
- You believe security should enable, not block, engineering.
- You’re a diplomat - you gotta work with engineering to secure the SDLC, not spook them.
If interested, get in touch. This job is remote on the Island of Ireland or in the UK. You need to be physically located here - you cannot work remotely from another country. Work permit sponsorship is not available.
Senior Application Security Engineer employer: Cloudsmith
Contact Detail:
Cloudsmith Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Senior Application Security Engineer role
✨Tip Number 1
Familiarise yourself with the specific tools and technologies mentioned in the job description, such as CircleCI, GitHub Actions, and AWS Security Hub. Having hands-on experience with these tools will not only boost your confidence but also demonstrate your readiness to hit the ground running.
✨Tip Number 2
Engage with the application security community online. Join forums, attend webinars, or participate in discussions on platforms like LinkedIn. This will help you stay updated on the latest trends and best practices, and you might even make connections that could lead to referrals.
✨Tip Number 3
Prepare to discuss your past experiences in pen testing and threat modelling during interviews. Be ready to share specific examples of challenges you've faced and how you overcame them, as this will showcase your problem-solving skills and practical knowledge.
✨Tip Number 4
Highlight your ability to collaborate with engineering teams. Since the role requires a diplomatic approach to security, think of examples where you've successfully worked with developers to implement security measures without hindering their workflow.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your software development background, particularly in Python and TypeScript. Emphasise your experience with application security, including SAST, DAST, and cloud security, to align with the job requirements.
Craft a Compelling Cover Letter: In your cover letter, express your passion for both building and securing software. Mention specific experiences where you've successfully implemented security measures or led threat modelling sessions, showcasing your ability to work collaboratively with engineering teams.
Showcase Relevant Projects: If you have worked on projects involving container security, API security, or CI/CD pipelines, be sure to include these in your application. Highlight any tools you've built or automated processes that demonstrate your proactive approach to security.
Prepare for Technical Questions: Anticipate technical questions related to application security, pen testing, and secure coding practices. Be ready to discuss your hands-on experience and how you’ve tackled security challenges in previous roles, as this will show your depth of knowledge.
How to prepare for a job interview at Cloudsmith
✨Showcase Your Technical Skills
Be prepared to discuss your experience with Python, TypeScript, and the various security tools mentioned in the job description. Highlight specific projects where you've implemented SAST, DAST, or secured cloud environments, especially AWS.
✨Demonstrate Your Problem-Solving Ability
Expect to face scenario-based questions that assess your ability to identify and mitigate security threats. Prepare examples of how you've approached threat modelling or pen-testing in past roles, showcasing your analytical skills.
✨Emphasise Collaboration
Since the role requires working closely with engineering teams, be ready to discuss how you've successfully collaborated with others to enhance security without hindering development. Share experiences where you acted as a diplomat in resolving conflicts between security and engineering needs.
✨Prepare for Cultural Fit Questions
Understand the company's culture and values, particularly their belief that security should enable engineering. Be ready to articulate how your approach to security aligns with this philosophy and how you can contribute positively to the team dynamic.