Senior Application Security Engineer in London

Senior Application Security Engineer in London

London Full-Time 60000 - 80000 £ / year (est.) Home office (partial)
Cognism

At a Glance

  • Tasks: Join us to secure innovative applications and drive security practices across our engineering teams.
  • Company: Cognism, a leading B2B data provider with a vibrant, inclusive culture.
  • Benefits: Competitive salary, flexible working, and a supportive community focused on growth.
  • Other info: Be part of a diverse team that values collaboration and celebrates success.
  • Why this job: Make a real impact by embedding security in cutting-edge tech and AI features.
  • Qualifications: 5-10 years in application security with strong cloud and coding experience.

The predicted salary is between 60000 - 80000 £ per year.

Cognism is the leading provider of European B2B data and sales intelligence. Ambitious businesses of every size use our platform to discover, connect, and engage with qualified decision-makers faster and close more deals. Headquartered in London with global offices, Cognism’s contact data and contextual signals are trusted by thousands of revenue teams to eliminate the guesswork from prospecting.

The Senior Application Security Engineer is a key member of Cognism’s Information Security Team, reporting into the Application & Infrastructure Security Manager. Your mission is to embed security by design across our engineering and product organization by integrating modern application security practices throughout the full development lifecycle. We focus on building secure, scalable, and resilient systems while enabling the business to innovate quickly and safely. It is to drive a culture where the fastest path for our engineers is the securest path.

You will work closely with Product, Engineering, Architecture, and Data teams to understand risks within our platform, including risks introduced by AI powered features, and ensure the right controls, guardrails, and security patterns are built into the product at its inception – all the while ensuring a balanced approach to the product experience that our thousands of large global enterprise customers use every day. This role is ideal for a senior IC who is technical, collaborative, and pragmatic, with the ability to influence engineering teams while driving hands on improvements to Cognism’s secure SDLC.

KEY RESPONSIBILITIES
  • Security by Design & Product Integration: Partner with Product, Web and Data Engineering teams from the ideation stage to ensure security requirements are considered early in feature and model design. Translate product and application risks into actionable security controls, making recommendations repeatable to build guardrails and guidance that product, design, and engineering teams can apply as they scale and build the products in the teams they own. Help shape security acceptance criteria and guide engineering teams during design reviews and backlog planning.
  • Application Risk Assessment & AI Security: Identify and assess application risks across Cognism’s SaaS platform, data processing pipelines, including emerging risks associated with AI/ML capabilities. Contribute to AI feature reviews and participate in AI risk assessments to ensure responsible and secure use of models, in a way that balances the need to innovate and challenge the status quo in AI implementation. Assess and pragmatically recommend mitigations for security risks in data pipelines, model-training workflows, feature stores, and ML systems, ensuring strong controls for data access, data lineage, model integrity, and protection of sensitive datasets.
  • Secure SDLC & DevSecOps Enablement: Partner with our engineering and platform team to embed security guardrails into our software development lifecycle and agile engineering workflows. Partner with engineering teams to integrate and optimize security tooling into CI/CD pipelines (SAST, SCA, DAST, container scanning, IaC scanning). Drive automation and developer-friendly security processes that minimize friction and support rapid delivery.
  • Threat Modelling & Architecture Support: Conduct and facilitate a self-serve, risk-driven approach to pragmatic threat modelling sessions for new features, services, and AI components. Conduct threat modelling for data architectures, including ingestion, transformation, storage, streaming, and ML model deployment patterns, ensuring data confidentiality, integrity, and responsible use. Provide hands-on application security guidance to engineering teams, helping them implement secure APIs, microservices, data flows, and integrations. Maintain and expand Cognism’s secure coding standards, guidance, and reusable security patterns.
  • Application Security Testing & Engineering: Perform hands-on security testing (manual and automated) for web applications, microservices, APIs, and cloud components. Plan, coordinate, and oversee penetration tests, red team exercises, and third-party security assessments, ensuring findings are addressed and tracked. Validate findings, assist with prioritization, and partner with engineering teams on remediation strategies.
  • Collaboration, Education & Influence: Work directly with product squads, acting as a trusted advisor and embedded security partner. Take the time to understand what other teams are working on, what business priorities are, and partner with teams to recommend risk mitigations that balance risk with opportunity and that take into account the threat landscape. Deliver security training, workshops, and guidance to improve engineering teams’ security maturity. Communicate security risk and tradeoffs clearly and constructively to technical and nontechnical stakeholders.
CORE COMPETENCIES
  • Strong technical depth in application security, cloud security, and secure development. Understanding of modern data stack components (e.g., data pipelines, feature stores) and the ability to collaborate effectively with data practitioners. Deep understanding of communication protocols used for web development is a must-have. Hands on experience with web application development, specifically for back-end development is a must-have competency.
  • Risk-Based Prioritization: Ability to distinguish between theoretical security risks and actual business threats, demonstrating a "risk-driven" rather than "compliance-driven" mindset. Comfortable balancing security risk with product and commercial realities.
  • Contextual Communication: Capacity to translate complex technical vulnerabilities into business-impact stories that resonate with non-technical stakeholders and product owners.
  • Collaborative Conflict Resolution: Proven track record of approaching engineering friction with transparency and pragmatism, balancing a firm stance on security with a deep care for the developer experience. Pragmatic problem solver with a growth mindset and bias toward action.
  • Architectural Empathy: Ability to put yourself in the position of your users (the engineers) to build security guardrails that are repeatable and embedded into existing workflows rather than added as hurdles.
EDUCATION & EXPERIENCE
  • 5–10+ years of experience in Application Security, Product Security, or Security Engineering roles. Strong experience securing cloud native SaaS platforms (AWS preferred) and Data pipelines.
  • Hands-on experience with secure coding, application testing, and CI/CD security automation. Experience working closely with engineering and product teams in agile environments.
  • Familiarity with security frameworks such as OWASP ASVS, OWASP Top 10, NIST, ISO 27001/2. Experience evaluating and securing AI/ML enabled features is a strong advantage. Experience in SME or high-growth SaaS environments preferred.

At Cognism, we’re not just building a company - we’re building an inclusive community of brilliant, diverse people who support, challenge, and inspire each other every day. If you’re looking for a place where your work truly makes an impact, you’re in the right spot! Our values aren’t just words on a page—they guide how we work, how we treat each other, and how we grow together. They shape our culture, drive our success, and ensure that everyone feels valued, heard, and empowered to do their best work. Here’s what we stand for: 🤝 We Own the Outcome Together.🤓 We Deeply Understand our Customers. 🏆 We Celebrate Impact Wherever It Comes From. At Cognism, we are committed to fostering an inclusive, diverse, and supportive workplace. We welcome applications from individuals typically underrepresented in tech, so if this role excites you but you’re unsure if you meet every requirement, we encourage you to apply!

Senior Application Security Engineer in London employer: Cognism

Cognism is an exceptional employer that prioritises a culture of inclusivity, collaboration, and innovation, making it an ideal place for a Senior Application Security Engineer to thrive. With a commitment to employee growth and development, Cognism offers opportunities to work on cutting-edge technology in a supportive environment, where your contributions directly impact the success of thousands of global enterprise customers. Located in London, you will be part of a dynamic team that values diverse perspectives and encourages creative problem-solving, ensuring that every voice is heard and valued.

Cognism

Contact Details:

Cognism Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Senior Application Security Engineer in London

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Cognism, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through Cognism

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Cognism. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace Senior Application Security Engineer in London

Application Security
Cloud Security
Secure Development
Risk Assessment
AI/ML Security
Secure SDLC
DevSecOps

Some tips for your application 🫡

Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Cognism insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Cognism that you’re committed to staying ahead in the game.

How to prepare for a job interview at Cognism

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at Cognism to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Cognism.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.