At a Glance
- Tasks: Take ownership of application security in a dynamic fintech environment.
- Company: Exciting fintech company in Manchester with a focus on SaaS solutions.
- Benefits: Up to £75,000 salary, hybrid work, and great benefits.
- Other info: Collaborative teams eager for security involvement and excellent career growth opportunities.
- Why this job: Be embedded in the development lifecycle and make a real impact on security.
- Qualifications: Strong app security background, experience with SAST/DAST tools, and threat modelling skills.
The predicted salary is between 75000 - 75000 £ per year.
Application Security Engineer Manchester - Hybrid, 3 days a week in the office. Commutable from Stockport, Wigan, Bolton, Rochdale, Bury, Sale, Liverpool, Warrington, and Runcorn. Up to £75,000 + benefits.
We're partnered exclusively with a Fintech business in Manchester who've been building their own SaaS platform for a decade. It's live, it's scaling, and it's handling sensitive financial data - which means application security really matters here.
They're bringing in an Application Security Engineer to take proper ownership of AppSec across the engineering function. This isn't a bolt-on role where you sit at the end of the process flagging issues. You'll be embedded in the development lifecycle from the start - running threat models, helping developers ship securely, reviewing code, and making sure the right tooling is in place.
The engineering teams are collaborative and they actually want security involvement. So if you're someone who enjoys working with developers and educating as much as you do finding vulnerabilities, you'll fit right in here.
Key skills needed:- Strong background in application security, ideally in a SaaS or Fintech environment
- Experience with SAST, DAST, and SCA tooling - Snyk, Checkmarx, Semgrep, Burp Suite, or similar
- Threat modelling - comfortable running sessions with engineering and product teams
- Solid understanding of OWASP Top 10 and how to actually remediate real-world vulnerabilities
- API security - REST, GraphQL, and the common attack vectors around them
- Knowledge of secure SDLC and how to embed security into CI/CD pipelines
- Auth concepts - OAuth, OIDC, JWT, SAML - and where they typically go wrong
- Able to communicate risk clearly to engineers, product managers, and leadership alike
This is a role with real stakes and real scope. If you want more than just writing reports and waiting for developers to fix things, this is the one.
Click "APPLY" now to be considered for this role.
App Sec Engineer (Application Security) employer: Revybe IT Recruitment Ltd
Join a dynamic Fintech company in Manchester that prioritises application security and fosters a collaborative work culture. With a strong focus on employee growth, you'll have the opportunity to take ownership of AppSec within the engineering function while working alongside passionate developers. Enjoy a hybrid work model, competitive salary, and a supportive environment that values your contributions to securing sensitive financial data.
StudySmarter Expert Advice🤫
We think this is how you could land App Sec Engineer (Application Security)
✨Tip Number 1
Network like a pro! Attend local meetups or tech events in Manchester to connect with folks in the Fintech scene. You never know who might be looking for an Application Security Engineer just like you!
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your experience with SAST, DAST, and threat modelling. This will give potential employers a taste of what you can bring to their team.
✨Tip Number 3
Don’t just apply anywhere; focus on companies that align with your values. Check out our website for roles that excite you and fit your expertise in application security. We’ve got some great opportunities waiting!
✨Tip Number 4
Prepare for interviews by brushing up on your communication skills. Be ready to explain complex security concepts in simple terms, especially how they relate to the OWASP Top 10. It’s all about making those connections!
We think you need these skills to ace App Sec Engineer (Application Security)
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the skills and experiences that match the job description. Highlight your background in application security, especially in SaaS or Fintech environments, to show us you’re the right fit.
Showcase Your Tools:List the SAST, DAST, and SCA tools you’ve worked with, like Snyk or Burp Suite. We want to see your hands-on experience, so don’t hold back on the details!
Demonstrate Collaboration:Since this role involves working closely with developers, share examples of how you’ve collaborated in the past. We love seeing candidates who can educate and engage with teams effectively.
Communicate Clearly:When writing your application, make sure to communicate your understanding of risks and vulnerabilities clearly. We appreciate candidates who can articulate complex concepts in a straightforward way.
How to prepare for a job interview at Revybe IT Recruitment Ltd
✨Know Your Stuff
Make sure you brush up on your application security knowledge, especially around the OWASP Top 10. Be ready to discuss real-world vulnerabilities and how to remediate them. This role is all about being proactive, so show that you understand the importance of security in the development lifecycle.
✨Familiarise with Tools
Get hands-on experience with SAST, DAST, and SCA tools like Snyk, Checkmarx, and Burp Suite. Be prepared to talk about how you've used these tools in past projects and how they can be integrated into CI/CD pipelines. Demonstrating your technical skills will set you apart from other candidates.
✨Communicate Clearly
Since this role involves working closely with developers and product teams, practice explaining complex security concepts in simple terms. You’ll need to communicate risks effectively, so think of examples where you’ve successfully educated others about security issues.
✨Show Your Collaborative Side
This company values collaboration, so be ready to share experiences where you’ve worked alongside engineers to improve security practices. Highlight any instances where you’ve run threat modelling sessions or contributed to secure coding practices, as this will demonstrate your fit for the team.
