AppSec Lead / DevSecOps Lead in London

London Full-Time 48000 - 84000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Lead secure development practices and embed security in software delivery.
  • Company: Dynamic fintech company focused on application security.
  • Benefits: 25 days annual leave, competitive salary, and professional growth opportunities.
  • Why this job: Make a real impact by enhancing application security in innovative projects.
  • Qualifications: Experience in application security and strong understanding of secure coding.
  • Other info: Join a collaborative team and mentor junior engineers in a fast-paced environment.

The predicted salary is between 48000 - 84000 £ per year.

My client is seeking a technically skilled and proactive Application Security Engineer to embed secure development practices across its software delivery lifecycle. This role is critical in reducing application-layer risks, implementing secure coding standards, and ensuring that threat modelling and architecture reviews are consistently applied across all development efforts.

You will work closely with engineering and platform teams to integrate security into CI/CD pipelines, automate vulnerability detection, and drive continuous improvement in application security posture.

Key Responsibilities

  • Embed security controls into CI/CD pipelines and development workflows.
  • Implement and manage SAST, DAST, and SCA tools to detect vulnerabilities early in the lifecycle.
  • Conduct secure code reviews and support developers in remediating findings.
  • Lead threat modelling sessions using standard methodologies to identify design flaws.
  • Review application architectures to ensure alignment with security objectives and mitigation of common threats.
  • Maintain and update reference architectures based on threat modelling insights.
  • Deploy and manage application security tools and integrate them with existing platforms.
  • Automate security tasks using scripting (e.g., Python, PowerShell) or SOAR platforms.
  • Ensure alignment with ISO 27001, FCA, and NIST standards.
  • Contribute to audit readiness and support compliance automation platforms such as Drata.
  • Work with engineering teams to promote secure coding practices.
  • Support the rollout of role-based security training and awareness initiatives.
  • Act as a security champion within development squads and mentor junior engineers.

Skills, Knowledge & Expertise

  • Broad experience in application security or secure software development.
  • Strong understanding of OWASP Top 10, secure coding techniques, and threat modelling.
  • Experience with security tools such as SAST, DAST, SCA, and vulnerability scanners.
  • Familiarity with cloud platforms (Azure or AWS), CI/CD pipelines, and DevOps practices.
  • Knowledge of regulatory frameworks (ISO 27001, FCA, NIST).
  • Excellent communication skills and ability to work cross-functionally.
  • Experience in fintech or regulated environments.
  • Certifications such as OSCP, CSSLP, or CISSP.
  • Familiarity with compliance automation platforms (e.g., Drata).
  • Exposure to legacy system security challenges and modernisation strategies.
  • A true team player with a winning mentality and strong work ethic, committed to continuous improvement and high performance.
  • Adaptable, tenacious and flexible, and able to perform under pressure.

Benefits

25 days’ annual leave, plus

AppSec Lead / DevSecOps Lead in London employer: Cyberteam

As an employer, our client offers a dynamic and inclusive work culture that prioritises innovation and collaboration, making it an excellent choice for professionals in the AppSec and DevSecOps fields. With a strong commitment to employee growth, they provide ample opportunities for continuous learning and development, alongside competitive benefits such as 25 days of annual leave. Located in a thriving tech hub, employees enjoy a stimulating environment that fosters creativity and engagement while working on cutting-edge security practices.

Contact Detail:

Cyberteam Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land AppSec Lead / DevSecOps Lead in London

✨Tip Number 1

Network like a pro! Get out there and connect with folks in the industry. Attend meetups, webinars, or even local tech events. You never know who might have the inside scoop on job openings or can refer you directly to hiring managers.

✨Tip Number 2

Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to application security. This gives potential employers a tangible look at what you can do and how you approach secure coding practices.

✨Tip Number 3

Prepare for interviews by brushing up on common application security scenarios. Be ready to discuss how you've implemented SAST, DAST, or automated security tasks in past roles. We want to see your thought process and how you tackle real-world challenges!

✨Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!

We think you need these skills to ace AppSec Lead / DevSecOps Lead in London

Application Security
Secure Software Development
SAST Tools
DAST Tools
SCA Tools
Vulnerability Detection
Threat Modelling
Secure Coding Techniques
CI/CD Pipelines
DevOps Practices
ISO 27001 Compliance
FCA Compliance
NIST Standards
Communication Skills
Mentoring

Some tips for your application 🫡

Tailor Your CV: Make sure your CV speaks directly to the role of AppSec Lead. Highlight your experience with secure coding practices, CI/CD pipelines, and any relevant tools like SAST or DAST. We want to see how your skills align with our needs!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about application security and how you can contribute to our team. Be sure to mention specific projects or experiences that relate to the job description.

Showcase Your Technical Skills: Don’t hold back on showcasing your technical expertise! Mention your familiarity with cloud platforms, regulatory frameworks, and any certifications you have. We love seeing candidates who are proactive about their learning and development.

Apply Through Our Website: We encourage you to apply through our website for a smoother process. It helps us keep track of applications and ensures you don’t miss out on any important updates. Plus, it’s super easy!

How to prepare for a job interview at Cyberteam

✨Know Your Security Tools

Familiarise yourself with the specific security tools mentioned in the job description, like SAST, DAST, and SCA. Be ready to discuss how you've used these tools in past projects and how they can be integrated into CI/CD pipelines.

✨Showcase Your Threat Modelling Skills

Prepare to talk about your experience with threat modelling sessions. Have examples ready that demonstrate your ability to identify design flaws and how you’ve contributed to improving application security in previous roles.

✨Understand Compliance Standards

Brush up on ISO 27001, FCA, and NIST standards. Be prepared to explain how you’ve ensured compliance in your past work and how you would approach audit readiness in this new role.

✨Be a Team Player

Highlight your collaborative skills and experiences. Discuss how you’ve worked cross-functionally with engineering teams to promote secure coding practices and how you’ve mentored junior engineers in the past.
