Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Collaborate with developers to integrate security into software development and enhance DevSecOps practices.
- Company: Join a cutting-edge cyber consultancy making a real impact in cybersecurity.
- Benefits: Enjoy a fully remote role with a competitive salary and opportunities for professional growth.
- Why this job: Be part of a diverse team, driving secure software solutions across various industries.
- Qualifications: 3+ years in AppSec, hands-on experience with AWS, and knowledge of secure coding practices required.
- Other info: Relevant certifications are a plus; bonus points for AWS security and container security experience.
The predicted salary is between 48000 - 64000 £ per year.
Location: Remote (UK-based only)
Salary: Up to £80,000
Type: Full-time, Permanent
Are you passionate about building secure software and driving real impact in the world of cybersecurity? Our client, a cutting-edge cyber consultancy, is seeking an Application Security Consultant to strengthen their growing technical team. This is a fully remote role, offering the chance to work alongside experts from diverse industries including defence, finance, and tech— while making a real difference.
What You’ll Be Doing:
- Partnering with developers and engineers to bake security into every stage of the software development lifecycle.
- Enhancing DevSecOps practices with tools like SAST, DAST, and SCA—making sure security isn’t just an afterthought.
- Leading secure code reviews, threat modelling sessions, and providing practical guidance on secure design.
- Reviewing APIs, cloud-native applications, and infrastructure for security weaknesses—and helping remediate them.
- Acting as a point of escalation for application vulnerabilities and ensuring effective triage and resolution.
- Empowering teams through knowledge-sharing, training, and championing secure development best practices.
What We’re Looking For:
- At least 3 years’ experience in an AppSec or similar security-focused role.
- Hands-on experience with modern development environments, especially AWS-based and cloud-native applications.
- Familiarity with DevOps and CI/CD pipelines, and how to build security into them.
- A strong grasp of secure coding practices, vulnerability management, and secure architecture principles.
- Relevant certifications (such as CSSLP, OSWE, CISSP, or CREST) are a strong plus.
Bonus Points If You Have:
- AWS security certifications
- Experience with infrastructure as code (Terraform, CloudFormation) and container security
- Deep knowledge of API security and OWASP standards
Senior Application Security Engineer employer: Maxwell Bond
Contact Detail:
Maxwell Bond Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Application Security Engineer
✨Tip Number 1
Network with professionals in the cybersecurity field, especially those who work in application security. Attend relevant webinars, conferences, or local meetups to connect with potential colleagues and learn about industry trends.
✨Tip Number 2
Showcase your hands-on experience with tools like SAST, DAST, and SCA in your conversations. Be prepared to discuss specific projects where you integrated security into the software development lifecycle, as this will demonstrate your practical knowledge.
✨Tip Number 3
Familiarise yourself with the latest OWASP standards and be ready to discuss how you've applied them in previous roles. This will highlight your commitment to secure coding practices and your understanding of current security challenges.
✨Tip Number 4
If you have any relevant certifications, make sure to mention them during discussions. Certifications like CSSLP, OSWE, or CISSP can set you apart from other candidates and show your dedication to professional development in application security.
We think you need these skills to ace Senior Application Security Engineer
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in application security, particularly any hands-on work with AWS and cloud-native applications. Emphasise your familiarity with DevSecOps practices and secure coding principles.
Craft a Compelling Cover Letter: In your cover letter, express your passion for cybersecurity and how your background aligns with the role. Mention specific projects or experiences that demonstrate your ability to enhance security in software development.
Showcase Relevant Certifications: If you have certifications like CSSLP, OSWE, or CISSP, make sure to include them prominently in your application. This can set you apart from other candidates and show your commitment to the field.
Highlight Team Collaboration Skills: Since the role involves partnering with developers and engineers, emphasise your experience in collaborative environments. Provide examples of how you've successfully worked with teams to implement security measures.
How to prepare for a job interview at Maxwell Bond
✨Showcase Your Technical Expertise
Be prepared to discuss your hands-on experience with modern development environments, especially AWS and cloud-native applications. Highlight specific projects where you implemented security measures and how you enhanced DevSecOps practices.
✨Demonstrate Your Problem-Solving Skills
Expect scenario-based questions where you may need to identify vulnerabilities or suggest remediation strategies. Use examples from your past experiences to illustrate how you've successfully triaged and resolved application vulnerabilities.
✨Emphasise Collaboration and Knowledge Sharing
Since the role involves partnering with developers and engineers, be ready to discuss how you've empowered teams through training and knowledge-sharing. Share instances where you championed secure development best practices within a team.
✨Prepare for Questions on Secure Coding Practices
Brush up on secure coding principles and vulnerability management. Be ready to explain how you would conduct secure code reviews and threat modelling sessions, as well as your familiarity with OWASP standards and API security.
