At a Glance
- Tasks: Take ownership of application security and collaborate with developers throughout the entire lifecycle.
- Company: Dynamic Fintech company in Manchester, scaling their own SaaS platform.
- Benefits: Up to £75,000 salary, hybrid work, and comprehensive benefits.
- Other info: Opportunity to educate teams and embed security into development processes.
- Why this job: Make a real impact on security in a collaborative engineering environment.
- Qualifications: Strong background in application security and experience with relevant tools.
The predicted salary is between 75000 - 75000 £ per year.
Manchester - Hybrid, 3 days a week in the office. Commutable from Stockport, Wigan, Bolton, Rochdale, Bury, Sale, Liverpool, Warrington, and Runcorn. Up to £75,000 + benefits.
We're partnered exclusively with a Fintech business in Manchester who've been building their own SaaS platform for a decade. It's live, it's scaling, and it's handling sensitive financial data - which means application security really matters here.
They're bringing in an Application Security Engineer to take proper ownership of AppSec across the engineering function. This isn't a bolt-on role where you sit at the end of the process flagging issues. You'll be embedded in the development lifecycle from the start - running threat models, helping developers ship securely, reviewing code, and making sure the right tooling is in place.
The engineering teams are collaborative and they actually want security involvement. So if you're someone who enjoys working with developers and educating as much as you do finding vulnerabilities, you'll fit right in here.
Key skills needed:- Strong background in application security, ideally in a SaaS or Fintech environment
- Experience with SAST, DAST, and SCA tooling - Snyk, Checkmarx, Semgrep, Burp Suite, or similar
- Threat modelling - comfortable running sessions with engineering and product teams
- Solid understanding of OWASP Top 10 and how to actually remediate real-world vulnerabilities
- API security - REST, GraphQL, and the common attack vectors around them
- Knowledge of secure SDLC and how to embed security into CI/CD pipelines
- Auth concepts - OAuth, OIDC, JWT, SAML - and where they typically go wrong
- Able to communicate risk clearly to engineers, product managers, and leadership alike
This is a role with real stakes and real scope. If you want more than just writing reports and waiting for developers to fix things, this is the one.
Click "APPLY" now to be considered for this role.
App Sec Engineer (Application Security) in Manchester employer: ReVybe IT Recruitment Limited
Join a dynamic Fintech company in Manchester that prioritises application security and fosters a collaborative work culture. With a strong focus on employee growth, you will have the opportunity to take ownership of AppSec within the engineering function, working closely with developers to enhance security practices. Enjoy a hybrid working model, competitive salary, and a supportive environment that values your contributions and encourages continuous learning.
Contact Details:
ReVybe IT Recruitment Limited Recruitment Team
StudySmarter Expert Advice🤫
We think this is how you could land App Sec Engineer (Application Security) in Manchester
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the Fintech scene, especially those working on SaaS platforms. Attend meetups, webinars, or even local tech events to make those valuable connections that could lead to your next role.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your work in application security. Include examples of threat models you've run or vulnerabilities you've found and fixed. This will give potential employers a taste of what you can bring to their team.
✨Tip Number 3
Prepare for interviews by brushing up on your communication skills. You’ll need to explain complex security concepts clearly to developers and product managers. Practice articulating risks and remediation strategies so you can impress them with your knowledge and approach.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities waiting for you, and applying directly can sometimes give you an edge. Plus, it’s super easy to keep track of your applications and updates!
We think you need these skills to ace App Sec Engineer (Application Security) in Manchester
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the skills and experiences mentioned in the job description. Highlight your background in application security, especially in SaaS or Fintech environments, so we can see how you fit right in!
Showcase Your Tools:List the SAST, DAST, and SCA tools you've worked with, like Snyk or Burp Suite. We want to know how familiar you are with these tools, as they’re crucial for the role. Don’t forget to mention any threat modelling experience too!
Communicate Clearly:When writing your application, make sure to communicate your understanding of security concepts clearly. We love candidates who can explain risks to both technical and non-technical folks, so show us you can bridge that gap!
Apply Through Our Website:We encourage you to apply through our website for a smoother process. It helps us keep track of your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at ReVybe IT Recruitment Limited
✨Know Your AppSec Stuff
Make sure you brush up on your application security knowledge, especially around SAST, DAST, and SCA tooling. Be ready to discuss how you've used tools like Snyk or Burp Suite in past projects, as this will show you're not just familiar with the concepts but have practical experience too.
✨Get Familiar with OWASP Top 10
You’ll want to be well-versed in the OWASP Top 10 vulnerabilities and how to remediate them. Prepare examples of how you've tackled these issues in previous roles, as this will demonstrate your hands-on experience and understanding of real-world application security challenges.
✨Show Your Collaborative Side
Since this role involves working closely with developers, be ready to share experiences where you've successfully collaborated with engineering teams. Highlight any instances where you've educated others about security practices or helped integrate security into the development lifecycle.
✨Communicate Risks Effectively
Practice explaining complex security concepts in simple terms. You might be asked how you would communicate risks to engineers or product managers, so think of clear, concise ways to convey important information without getting too technical.
