At a Glance
- Tasks: Shape secure digital experiences and embed security in the development lifecycle.
- Company: Join giffgaff, a certified B Corp with a unique approach to connectivity.
- Benefits: Competitive rewards, hybrid working, and a supportive culture.
- Other info: Dynamic environment with opportunities for growth and collaboration.
- Why this job: Make a real impact on secure software while working with innovative tech.
- Qualifications: Strong coding skills and experience with security tools and practices.
This role is a 12 Month Fixed Term Contract. As a Senior Application Security Engineer at giffgaff, you’ll play a pivotal role in shaping how we build and deliver secure digital experiences for our members. You’ll act as the go-to expert for application security, helping engineering teams confidently ship software that is secure by design, while balancing risk with pace and innovation. In this role, you’ll embed security into every stage of the development lifecycle, from early threat modelling through to secure code reviews and vulnerability management. Working closely with engineers, you’ll simplify complex security challenges, champion best practice and help create a culture where secure software is the default, not an afterthought.
Who we are: We are a connectivity provider that does things differently. We call out the bad and find a better way. We're laser-focused on flexibility, value and mutual good, and proud to be a certified B Corp. Working at giffgaff gives you the energy and fast pace of our own culture, plus the benefits that come with being part of our parent company, Virgin Media O2. Our bright and modern office is in Uxbridge, West London, but most roles can be hybrid or remote.
The must haves:
- Strong experience reading and assessing code and APIs across languages such as Java, TypeScript or Python
- Hands‑on experience managing SAST, DAST and SCA tools, including triage and remediation
- Deep understanding of OWASP Top 10, secure coding practices and common web and API vulnerabilities
- Experience with cloud security in AWS and infrastructure as code, including Terraform
- Experience embedding security into CI/CD pipelines and DevSecOps practices
The other stuff we are looking for:
- Experience working with container and Kubernetes security
- Security certifications such as OSCP, CEH, CSSLP or Security+
- Exposure to AI‑enabled security tooling or securing AI‑driven features
- Experience contributing to or maintaining open source security tooling
- Background within telecommunications or connectivity environments
What's in it for you: We aim to celebrate our people and their lives, creating an inclusive and diverse culture. Working at giffgaff means you get a competitive reward package with benefits designed to support you and your loved ones. We support hybrid working, so you will have a suitable base location for collaboration, as well as the tools to work from home.
Senior Application Security Engineer in London employer: Giffgaff
At giffgaff, we pride ourselves on fostering a vibrant and inclusive work culture that empowers our employees to thrive. As a Senior Application Security Engineer, you'll enjoy the flexibility of hybrid working from our modern Uxbridge office while being part of a certified B Corp that values innovation and mutual good. With competitive rewards and a commitment to professional growth, giffgaff is an excellent employer for those seeking meaningful and impactful work in the tech industry.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Application Security Engineer in London
✨Get Engaged in Cybersecurity Communities
Dive into online forums or local meetups, like OWASP events or Cybersecurity conferences. These spaces are packed with pros who can share insights and might even know about temporary roles at places like Giffgaff.
✨Showcase Your Skills Publicly
Link your GitHub or create a series of blogs sharing your knowledge on cybersecurity topics. It’s a great way to demonstrate your expertise and attract attention from hiring managers, especially when they see your passion in action.
✨Stay On Top of Temp Opportunities
Keep an eye on platforms that list temporary positions specifically in tech. Websites focusing on contract roles in cybersecurity can lead straight to employers like Giffgaff.
✨Make Contact with Recruiters Specialising in Cybersecurity
Reach out to recruitment agencies that focus on cybersecurity roles. They often have insights into temporary roles before they’re advertised and can put your name forward to companies like Giffgaff.
We think you need these skills to ace Senior Application Security Engineer in London
Some tips for your application 🫡
Show Off Your Technical Skills:In cybersecurity, it's vital to highlight your skills with relevant tools and technologies. Make sure your CV showcases your experience with firewalls, intrusion detection systems, and any cybersecurity frameworks you've worked with. This gives Giffgaff a clear view of your capabilities right off the bat.
Certifications Matter:If you’ve got any cybersecurity certifications, like CompTIA Security+ or CISSP, flaunt them! These not only validate your skills but also show that you’re committed to the field. Add a section to your CV specifically for this, because in a temporary role like this, those credentials can really set you apart.
Tailor Your Cover Letter to the Role:For a temporary position, we want to see your willingness to learn and adapt quickly. Make your cover letter specific to the role at Giffgaff; mention why you’re excited about the opportunity and how it fits your career goals. A personal touch can make a big difference!
Don’t Forget the Soft Skills:In cybersecurity, technical skills are crucial, but so are soft skills like teamwork and communication. Make sure to weave examples of how you've collaborated with teams or communicated complex ideas into your application. This shows that you're not just a tech whizz but also a great team player, perfect for a temporary role at Giffgaff.
How to prepare for a job interview at Giffgaff
✨Brush Up on Technical Skills
Make sure you’re familiar with the latest cybersecurity tools and techniques, like firewalls, intrusion detection systems, and malware analysis. During the interview with Giffgaff for the Senior Application Security Engineer, be prepared to discuss specific scenarios where you tackled security threats or vulnerabilities.
✨Show Your Problem-Solving Prowess
Cybersecurity is all about thinking on your feet. Expect technical questions that require you to demonstrate your problem-solving abilities. You might be presented with a mock security breach scenario, so practising your responses to potential threats can be a game changer!
✨Demonstrate Your Adaptability
As this is a temporary role, showing that you're adaptable and quick to learn is crucial. Talk about times you've picked up new skills or reacted to changing situations quickly. Employers want to know you can hit the ground running and keep things secure during your short stay at Giffgaff.
✨Bring Relevant Certifications
If you have any relevant cybersecurity certifications, like CompTIA Security+ or CEH, be sure to mention them. This can really help you stand out during a temporary hiring process, as it showcases your commitment to the field and your readiness to take on the Senior Application Security Engineer role at Giffgaff.
