At a Glance
- Tasks: Lead application security initiatives and integrate security tools into development workflows.
- Company: Join M&S, a dynamic and inclusive retailer committed to exceptional quality and service.
- Benefits: Enjoy 20% discount, competitive holidays, bonus schemes, and wellbeing support.
- Why this job: Be part of a transformative team shaping the future of retail with innovative security measures.
- Qualifications: 3+ years in application security with expertise in various security tools and strong collaboration skills.
- Other info: M&S values diversity and offers support throughout the recruitment process.
The predicted salary is between £48,000 and £72,000 per year.
The Specialist Application Security Engineer will play a pivotal role in ensuring the integrity and security of our applications across various platforms. You will lead the charge in implementing robust security measures, collaborating closely with cross-functional teams to fortify our defences against cyber threats.
Here are some of the benefits we offer that make working for M&S just that little bit more special:
- After completing your probationary period, you’ll receive 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household.
- Competitive holiday entitlement with the potential to buy extra holiday days!
- Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business.
- A generous Defined Contribution Pension Scheme and Life Assurance.
- A dedicated welcome to our teams with a tailored induction and a wide range of training programmes to develop your skills.
- Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing.
- Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family.
- Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family.
- A charity volunteer day to support a charity or cause you’re passionate about through a dedicated day away from work.
Focus on application security initiatives across cloud and on-premises environments, employing a diverse suite of tools including Semgrep for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and scripting for automation. Forge partnerships with external vendors to optimize and seamlessly integrate security tools into our application security workflow, ensuring comprehensive coverage and operational efficiency. Drive the seamless integration of application security processes into development pipelines, leveraging Azure DevOps (ADO), GitHub Actions, and similar tools for streamlined automation. Actively contribute to the formulation and enforcement of application security policies and procedures, utilizing advanced tool capabilities to mitigate risks effectively. Engage with internal stakeholders to foster awareness and understanding of application security measures, emphasizing the pivotal role of tooling and automation in mitigating vulnerabilities.
A minimum of 3 years of hands-on experience in application security, with a track record of leadership or significant contributions in similar roles. Proficiency in Semgrep for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and automation scripting. Understanding of application security principles and best practices. Experience integrating and optimizing security tools within development workflows, particularly within Azure DevOps and GitHub Actions environments. Strong analytical and problem-solving skills. Excellent communication and collaboration abilities. Ability to work independently and within teams in a dynamic environment.
Marks & Spencer strives to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. Join us and make change happen. We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together. If you feel you’d benefit from any support or reasonable adjustments during any stage of the recruitment process, please don’t hesitate to let us know when completing your application.
Specialist Security Platform Engineer employer: MARKS&SPENCER
Contact Detail:
MARKS&SPENCER Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Specialist Security Platform Engineer role
✨Tip Number 1
Familiarise yourself with the specific tools mentioned in the job description, such as Semgrep, Snyk, and Burp Suite. Having hands-on experience or even personal projects showcasing your skills with these tools can set you apart from other candidates.
✨Tip Number 2
Network with professionals in the application security field, especially those who have experience with Azure DevOps and GitHub Actions. Engaging in relevant online communities or attending industry events can help you gain insights and potentially get referrals.
✨Tip Number 3
Prepare to discuss your previous experiences in application security during interviews. Be ready to share specific examples of how you've integrated security measures into development workflows and the impact it had on mitigating risks.
✨Tip Number 4
Showcase your communication and collaboration skills by preparing to discuss how you've worked with cross-functional teams in the past. Highlighting your ability to foster awareness of security measures among stakeholders will demonstrate your fit for the role.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in application security, particularly with tools like Semgrep, Snyk, and Burp Suite. Use specific examples to demonstrate your hands-on experience and leadership in similar roles.
Craft a Compelling Cover Letter: In your cover letter, express your passion for application security and how your skills align with the job description. Mention your understanding of application security principles and your ability to integrate security tools into development workflows.
Showcase Relevant Projects: If you have worked on projects that involved application security initiatives or automation scripting, be sure to include these in your application. Highlight your contributions and the impact they had on security measures.
Prepare for Technical Questions: Anticipate technical questions related to application security tools and practices. Be ready to discuss your problem-solving approach and how you've collaborated with cross-functional teams to enhance security.
How to prepare for a job interview at MARKS&SPENCER
✨Showcase Your Technical Skills
Be prepared to discuss your hands-on experience with tools like Semgrep, Snyk, and Burp Suite. Highlight specific projects where you successfully implemented these tools to enhance application security.
✨Demonstrate Collaboration Abilities
Since the role involves working closely with cross-functional teams, share examples of how you've effectively collaborated with others in previous roles. Emphasise your communication skills and ability to foster partnerships.
✨Understand Application Security Principles
Brush up on the latest application security principles and best practices. Be ready to discuss how you would apply these principles in real-world scenarios, particularly in cloud and on-premises environments.
✨Prepare for Problem-Solving Questions
Expect questions that assess your analytical and problem-solving skills. Think of past challenges you've faced in application security and how you overcame them, as this will demonstrate your critical thinking abilities.