Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Enhance application security and collaborate with engineers on innovative projects.
- Company: Join the Financial Times, a leading global news organisation.
- Benefits: Enjoy generous leave, medical cover, hybrid working, and community engagement opportunities.
- Other info: Diverse workplace committed to inclusion and personal growth.
- Why this job: Make a real impact in cybersecurity while growing your skills in a supportive environment.
- Qualifications: Experience in application security and a passion for collaboration with engineering teams.
The predicted salary is between 50000 - 60000 ÂŁ per year.
The Financial Times is one of the world’s leading news organisations, globally recognised for its authority, integrity and accuracy, with a mission to deliver quality information and services worldwide. At the FT, curiosity thrives and ambitious thinking is rewarded. Here, you’re given the chance to reach millions, create work that matters and deliver impartial journalism in a polarised world.
In our warm, collaborative culture, you’ll connect with a diverse community of experts who support your growth, career aspirations and wellbeing. Your future at the FT will be filled with opportunities that challenge and inspire you. With no fixed path, you’ll discover new skills and forge a career that can take you anywhere.
Our Commitment to Diversity, Equity and Inclusion: We believe in the power of unique perspectives and want all voices in our organisation to be heard, respected and valued. A supportive workplace is one where employees feel they can be themselves and operate to their full potential. We are committed to removing barriers for everyone, with a focus on addressing those faced by underrepresented groups.
The Role Overview: We’re looking for a Cyber Security Engineer to help improve application security across the FT’s cloud-native technology estate. This is a hands‑on role focused on making secure engineering easier for product, platform and software engineering teams. Application security experience is essential for this role. You’ll help improve developer‑friendly security guardrails across GitHub‑based CI/CD pipelines, application repositories and engineering workflows. This includes working with SAST, software composition analysis, secret scanning, vulnerability management and secure coding guidance so that security findings are clear, actionable and owned by the right teams. You’ll work closely with engineers to support practical threat modelling, triage application vulnerabilities, improve security playbooks and help teams remediate issues in a pragmatic way.
You do not need to be a deep AWS or cloud security specialist, but some exposure to AWS, cloud security or infrastructure‑as‑code security would be useful. We’re looking for someone with practical AppSec experience who wants to grow their impact — someone who enjoys working with engineers, improving tooling and helping security become part of normal delivery rather than a last‑minute checkpoint.
What you’ll bring to the role:
- Application security experience: practical experience identifying, explaining and helping remediate application security risks in modern engineering environments.
- Developer‑friendly security mindset: you enjoy working with engineers, explaining risks clearly and helping teams adopt secure practices without unnecessary friction.
- Vulnerability management experience: experience triaging and tracking application vulnerabilities from sources such as SAST, dependency scanning, secret scanning, penetration tests, bug bounty reports or third‑party advisories.
- CI/CD and code security awareness: familiarity with security tooling in development workflows, such as SAST, software composition analysis, secret scanning or repository security controls.
- Threat modelling awareness: experience participating in, supporting or facilitating lightweight threat‑modelling sessions for applications, services or new features.
- Automation mindset: ability to write scripts or small tools, ideally in Python, to reduce manual effort, improve visibility or make security workflows easier.
- Cloud security awareness: Some exposure to AWS, cloud security or infrastructure‑as‑code security would be useful, but is not essential.
- Growth mindset: willingness to keep developing across application security, cloud security, secure development and modern engineering practices.
Required Experience, Essential:
- Practical experience in application security.
- Experience working with software engineers to explain and remediate security issues.
- Familiarity with common web application security risks and secure coding practices.
- Experience with vulnerability triage, prioritisation and remediation tracking.
- Experience using or interpreting findings from tools such as SAST, software composition analysis, secret scanning or similar.
- Experience participating in or supporting threat‑modelling activities.
- Ability to write scripts or small tools, ideally in Python, to automate tasks or improve visibility.
- Strong communication and collaboration skills.
- Familiarity with Agile or Scrum ways of working.
- Exposure to AWS security, cloud security or infrastructure‑as‑code security.
- Experience with Terraform or CloudFormation.
- Experience with container or Kubernetes security.
- Experience with bug bounty, penetration testing or security testing programmes.
- Experience with Splunk or similar logging/SIEM platforms.
- Exposure to AI security, such as LLM‑enabled applications, AI‑assisted development workflows or prompt/data leakage risks.
- Experience building dashboards, metrics or reports to support vulnerability management.
- Relevant security certifications or training, such as AWS security training, secure coding training, GIAC, ISC2, CREST or equivalent practical experience.
What’s in it for you? Our benefits vary by location but we are committed to providing best‑in‑class perks across all our offices. These include generous annual leave, medical cover, inclusive parental leave packages, subsidised gym memberships and opportunities to give back to the community. We’ve embraced a 50% hybrid working model (averaging two to three days onsite) that fosters trust and remote adaptability while encouraging in‑person camaraderie and peer learning. Additionally, we are open to accommodating specific flexible working pattern requests for all roles where feasible.
Accessibility: We are a disability confident employer and Valuable 500 signatory. Please let us know if you require any reasonable adjustments/personalisation as part of the application process or to enable you to attend an interview. If you would like to discuss your requirements or have any questions, email talent@ft.com and a member of our team will be happy to help.
Further information: At the FT, we embrace innovation and the use of technology and appreciate that individuals may leverage AI tools as part of their job application process. Whilst we are happy for you to use AI to assist with your application, it is essential that all information provided is authentic and accurately represents your skills, experience, and qualifications. Candidates should be aware that the use of AI throughout the application process may be monitored to ensure a fair and transparent hiring process for all.
Cyber Security Engineer employer: The Financial Times Ltd
Contact Detail:
The Financial Times Ltd Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Security Engineer
✨Tip Number 1
Network like a pro! Reach out to current or former employees at the Financial Times on LinkedIn. Ask them about their experiences and any tips they might have for landing a role as a Cyber Security Engineer. Personal connections can make a huge difference!
✨Tip Number 2
Prepare for the interview by brushing up on your application security knowledge. Be ready to discuss real-world scenarios where you've identified and remediated security risks. Show us how you can make secure engineering easier for teams!
✨Tip Number 3
Don’t just focus on technical skills; highlight your collaboration abilities too! The FT values a developer-friendly security mindset, so be prepared to share examples of how you've worked with engineers to improve security practices without causing friction.
✨Tip Number 4
Finally, apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you're genuinely interested in joining the FT community. Good luck, and we can't wait to see what you bring to the table!
We think you need these skills to ace Cyber Security Engineer
Some tips for your application 🫡
Show Your Passion for Cyber Security: Let us see your enthusiasm for cyber security in your application! Share specific examples of your experience and how it aligns with the role. We love candidates who can demonstrate their curiosity and commitment to improving application security.
Tailor Your Application: Make sure to customise your CV and cover letter for this role. Highlight your relevant skills and experiences that match the job description. We want to see how you can contribute to our mission at the FT, so make it clear why you're the perfect fit!
Be Clear and Concise: When writing your application, keep it straightforward and to the point. Use clear language to explain your experiences and achievements. We appreciate well-structured applications that are easy to read and understand.
Apply Through Our Website: Don’t forget to submit your application through our website! It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it shows you’re serious about joining our team at the FT!
How to prepare for a job interview at The Financial Times Ltd
✨Know Your Application Security
Make sure you brush up on your application security knowledge. Be ready to discuss common web application security risks and how you've helped teams remediate these issues in the past. The Financial Times is looking for someone who can clearly explain risks and work collaboratively with engineers.
✨Show Off Your Developer-Friendly Mindset
During the interview, highlight your experience working with software engineers. Share examples of how you've made security practices easier to adopt without causing friction. This will demonstrate that you understand the importance of integrating security into the development process.
✨Familiarise Yourself with CI/CD Tools
Get comfortable with the security tooling used in CI/CD workflows, such as SAST and secret scanning. Be prepared to discuss how you've used these tools in previous roles and how they can improve application security at the FT.
✨Embrace a Growth Mindset
The FT values continuous learning, so be ready to talk about how you plan to develop your skills further in application security and cloud security. Mention any relevant certifications or training you've completed, and express your enthusiasm for staying updated with the latest security practices.