AppSec Lead / DevSecOps Lead

Full-Time 48000 - 72000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Lead secure development practices and embed security in software delivery.
  • Company: Dynamic fintech company focused on innovation and security.
  • Benefits: 25 days annual leave, pension scheme, healthcare perks, and career development.
  • Why this job: Make a real impact by enhancing application security in a collaborative environment.
  • Qualifications: Experience in application security, secure coding, and familiarity with cloud platforms.
  • Other info: Join a team that values continuous improvement and offers excellent career growth.

The predicted salary is between £48,000 and £72,000 per year.

My client is seeking a technically skilled and proactive Application Security Engineer to embed secure development practices across its software delivery lifecycle. This role is critical in reducing application-layer risks, implementing secure coding standards, and ensuring that threat modelling and architecture reviews are consistently applied across all development efforts. You will work closely with engineering and platform teams to integrate security into CI/CD pipelines, automate vulnerability detection, and drive continuous improvement in application security posture.

Key Responsibilities

  • Embed security controls into CI/CD pipelines and development workflows.
  • Implement and manage SAST, DAST, and SCA tools to detect vulnerabilities early in the lifecycle.
  • Conduct secure code reviews and support developers in remediating findings.
  • Lead threat modelling sessions using standard methodologies to identify design flaws.
  • Review application architectures to ensure alignment with security objectives and mitigation of common threats.
  • Maintain and update reference architectures based on threat modelling insights.

Tooling & Automation

  • Deploy and manage application security tools and integrate them with existing platforms.
  • Automate security tasks using scripting (e.g., Python, PowerShell) or SOAR platforms.

Governance & Compliance

  • Ensure alignment with ISO 27001, FCA, and NIST standards.
  • Contribute to audit readiness and support compliance automation platforms such as Drata.
  • Work with engineering teams to promote secure coding practices.
  • Support the rollout of role-based security training and awareness initiatives.
  • Act as a security champion within development squads and mentor junior engineers.

Skills, Knowledge & Expertise

  • Broad experience in application security or secure software development.
  • Strong understanding of OWASP Top 10, secure coding techniques, and threat modelling.
  • Experience with security tools such as SAST, DAST, SCA, and vulnerability scanners.
  • Familiarity with cloud platforms (Azure or AWS), CI/CD pipelines, and DevOps practices.
  • Knowledge of regulatory frameworks (ISO 27001, FCA, NIST).
  • Excellent communication skills and ability to work cross-functionally.
  • Experience in fintech or regulated environments.
  • Certifications such as OSCP, CSSLP, or CISSP.
  • Familiarity with compliance automation platforms (e.g., Drata).
  • Exposure to legacy system security challenges and modernisation strategies.
  • A true team player with a winning mentality and strong work ethic, committed to continuous improvement and high performance.
  • Adaptable, tenacious and flexible, and able to perform under pressure.

Benefits

  • 25 days’ annual leave, plus bank holidays and an extra day off for your birthday!
  • Holiday loyalty scheme.
  • Enrolment into our pension scheme, which we offer via a salary exchange scheme.
  • Access to a financial education, planning and coaching platform.
  • Membership with Healthcare platform, which offers cash back on healthcare focused on dental, optical & physio, plus access to stress helplines, a virtual GP and more.
  • Salary exchange nursery fees.
  • Enhanced parental leave.
  • Cycle to work.
  • Career development and progression tools.
  • Company events – Sporting events, pub nights, seasonal parties, socials.

AppSec Lead / DevSecOps Lead employer: Cyberteam

Join a forward-thinking company that prioritises application security and fosters a collaborative work culture. With a strong focus on employee growth, you will have access to career development tools, generous benefits including enhanced parental leave and a holiday loyalty scheme, and the opportunity to work in a dynamic fintech environment. Our commitment to continuous improvement and high performance ensures that you will thrive while making a meaningful impact in securing our software delivery lifecycle.

Contact Detail:

Cyberteam Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land the AppSec Lead / DevSecOps Lead role

✨Tip Number 1

Network like a pro! Reach out to folks in your industry on LinkedIn or at local meetups. You never know who might have the inside scoop on job openings or can refer you directly to hiring managers.

✨Tip Number 2

Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to application security and DevSecOps. This gives potential employers a tangible look at what you can do.

✨Tip Number 3

Prepare for interviews by brushing up on common technical questions and scenarios related to application security. Practice explaining your thought process clearly, as communication is key in cross-functional teams.

✨Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!

We think you need these skills to ace the AppSec Lead / DevSecOps Lead role

Application Security
Secure Software Development
SAST
DAST
SCA
Vulnerability Scanning
Threat Modelling
OWASP Top 10
CI/CD Pipelines
DevOps Practices
ISO 27001
FCA Compliance
NIST Standards
Python
PowerShell

Some tips for your application 🫡

Tailor Your CV: Make sure your CV reflects the skills and experiences that match the job description. Highlight your experience with application security, secure coding practices, and any relevant tools you've used. We want to see how you can bring value to our team!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about application security and how your background aligns with our needs. Be sure to mention specific projects or achievements that demonstrate your expertise.

Showcase Your Technical Skills: Since this role is all about technical prowess, don’t shy away from detailing your experience with SAST, DAST, and CI/CD pipelines. We love seeing candidates who can articulate their hands-on experience with these tools and methodologies.

Apply Through Our Website: We encourage you to apply directly through our website for the best chance of getting noticed. It’s the easiest way for us to keep track of your application and ensure it reaches the right people. Plus, we love seeing applications come in through our own platform!

How to prepare for a job interview at Cyberteam

✨Know Your Tools

Familiarise yourself with the specific security tools mentioned in the job description, like SAST, DAST, and SCA. Be ready to discuss how you've used these tools in past projects and how they can be integrated into CI/CD pipelines.

✨Showcase Your Secure Coding Knowledge

Brush up on the OWASP Top 10 and secure coding techniques. Prepare examples of how you've implemented secure coding practices in previous roles, and be ready to discuss any challenges you faced and how you overcame them.

✨Demonstrate Cross-Functional Collaboration

This role requires working closely with engineering and platform teams. Think of examples where you've successfully collaborated across teams to embed security practices. Highlight your communication skills and how you’ve acted as a security champion.

✨Prepare for Threat Modelling Discussions

Since leading threat modelling sessions is a key responsibility, be prepared to explain your approach to identifying design flaws. Consider discussing a past experience where you led such a session and the outcomes that resulted from it.
