Application Security Engineer / Cloud Security Engineer

Would you like to join a company rooted in technology, where you work with the latest technologies and are empowered to make a difference? Do you enjoy working as part of an enthusiastic, passionate, and collaborative team? Join our Internal Technology Team!

Softcat is an amazing success story and as part of our continued growth we are investing significantly more in a new technology strategy going forward. Softcat's internal Technology Team is undergoing an exciting transformation; this evolution aims to provide greater opportunities for our people's professional development and prepare us to execute our more ambitious technology strategy effectively.

This role is ideal for someone who enjoys partnering with engineering teams, embedding secure development practices, and driving modern cloud security standards.

Responsibilities:

• Working with cloud and development teams to create and refine standards for the setup and maintenance of applications and cloud infrastructure and assuring these are met.
• Ensuring technologies like SAST, DAST and SCA are utilised effectively.
• Integrate security controls into CI/CD pipelines and automate checks for secrets scanning and IaC security.
• Facilitate threat modelling sessions and security design reviews for critical applications.
• Establish and communicate metrics to help us understand effectiveness and measure improvement.
• Explore automation and AI-assisted solutions to enhance vulnerability detection and remediation workflows.
• Identify security vulnerabilities, devise mitigation strategies, track and address issues effectively and resolve technical debt.

We'd love you to have:

• Good experience in DevOps, Application Security, Cloud Security, or Product Security roles.
• Proficiency in multiple programming languages: Python, Java, .NET, and ability to review code for security flaws.
• Strong understanding of secure coding principles and application security standards such as the OWASP Top 10.
• Hands-on experience with AppSec tooling (SAST, DAST, SCA), and vulnerability management tools.
• Strong communication skills and ability to coach development teams.

Nice to have:

• Preferred Certifications: CEH, CSSLP, or relevant Cloud Security certifications such as those from Microsoft.

We also acknowledge that the confidence gap and imposter syndrome are a real thing and can get in the way of us meeting fantastic talent, so please don’t hesitate to apply – we would love to hear from you!

Work in a way that works for you:

We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:

• Hybrid working
• Working flexible hours - flexing the times you start and finish during the day
• Flexibility around school pick up and drop offs or other caregiving responsibilities.

Company values:

There is a uniqueness to Softcat – what we do, how we do it and why we do it. At the heart of our operations are our core values: Passion, Intelligence, Fun, Responsible and Community. These values are the pillars that guide Softcat and our actions.

As one of the UK's leading IT infrastructure providers and a FTSE 250 listed company, we have built a reputation for excellence. Our strategy is simple – we believe that highly engaged employees are the key to building customer trust and loyalty over the years. This trust and loyalty, combined with our market-leading growth and performance, enables us to invest in our technology and services capabilities. This investment in turn drives even more engaged employees. We are committed to giving everyone the opportunity to step up and show how much they can achieve. Our success is truly a collective effort - we succeed when all our people succeed.

Working with us:

Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background.

Join us:

To become part of the success story, please apply now.

If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence.

Here at Softcat, we don’t prohibit the use of AI (artificial intelligence) in our application process, as we understand how far it can go to creating a truly equitable candidate experience. That being said, as a culture-driven organisation, we believe that the genuine essence of each person is what truly matters, so we highly encourage you to be as authentically you as possible when submitting your application to showcase your true and whole self.