Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead security initiatives to protect our innovative banking technology and ensure data privacy.
- Company: Join a rapidly growing fintech valued at $2.7bn with a fantastic workplace culture.
- Benefits: Enjoy competitive salary, generous employee share package, and a fun work environment.
- Why this job: Make a real impact in building the bank of tomorrow with cutting-edge security measures.
- Qualifications: Experience in programming, DevOps security, and web application penetration testing required.
- Other info: We welcome diverse candidates and provide equal access to professional development opportunities.
The predicted salary is between 48000 - 72000 £ per year.
Thought Machine's mission is bold - to properly and permanently rid the world's banks of legacy technology. To achieve this, we have developed the foundations of modern banking through core and payments technology which run natively in the cloud. We have grown rapidly in the past few years, growing our team to more than 550 individuals across offices in London, New York, Singapore and Sydney. We have raised more than $500m in funding and are now valued at $2.7bn.
This position plays a key role in ensuring Thought Machine teams are taking all required steps in building a secure product set. You will play a major and leading role in protecting Thought Machine product against security risks, with influence to implement cutting‑edge measures to minimise exposures and vulnerabilities. Whether engineering a system to address a technical security hurdle, protecting our customers' data, or consulting on a wide range of security topics, you are empowered to engage and lead cross‑functionally.
A large part of Thought Machine product security function is a greenfield challenge; we are building the bank of tomorrow with cutting‑edge web technology. Key qualities of the ideal candidate would have experience in OWASP top 10 vulnerabilities, DevSecOps, data privacy protection, passion to mentor and enable developers, creativity, autonomy, and the ability to work and complete multiple projects simultaneously.
DUTIES- Drive improvements to Thought Machine's product security posture through strategic planning and collaboration with both development and infrastructure teams.
- Produce production web scale grade application security design.
- Review and produce data privacy and financial regulatory functional and nonfunctional designs.
- Perform design reviews and threat modelling of Thought Machine services and products.
- Perform vulnerability assessments and security testing.
- Providing subject matter expertise on all areas of security and privacy throughout the Software Development lifecycle.
- Liaison with development teams for design, code reviews & education.
- Contribute to security strategy, security tooling selection and creation.
- Conduct regular security assessments and code reviews.
- Expertise with a programming language (e.g. Python, Go or Java).
- Experience of security in a DevOps environment.
- Experience in web application penetration testing and security tooling (e.g. Burp proxy, Web/Network Scanners, Static code analysers, etc).
- Coding experience for automating/integrating security tools and creation of security tools.
- Knowledge of security in distributed systems at scale.
- Cloud and containers technology knowledge (e.g. AWS, GCP, Kubernetes, Docker).
- Experience of performing security design reviews, threat modelling and risk assessments.
- Knowledge of application security issues.
- Professional security qualifications (e.g. CISSP, Offensive Security, SANS Institute, etc).
- Contributions to the security community (public research, blogging, presentations, etc).
- Awareness and experience of the Data Protection Act, ISO 27001 and PCI-DSS.
We actively hire candidates who demonstrate technical excellence in their field and welcome people of all ages and backgrounds, providing everyone with equal access to professional development. You are encouraged to apply even if your experience doesn’t accurately match the job description. We also encourage applications from those with different abilities, including candidates with ADHD, autism, dyslexia or dyspraxia.
Application Security Engineer employer: Thought Machine Group Limited
Contact Detail:
Thought Machine Group Limited Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Application Security Engineer
✨Tip Number 1
Network like a pro! Reach out to current employees at Thought Machine on LinkedIn or other platforms. Ask them about their experiences and any tips they might have for landing a role there. Personal connections can make a huge difference!
✨Tip Number 2
Show off your skills! If you’ve got a portfolio of projects, especially those related to application security, make sure to highlight them in conversations or during interviews. Demonstrating your hands-on experience can set you apart from the crowd.
✨Tip Number 3
Prepare for technical interviews by brushing up on the OWASP top 10 vulnerabilities and relevant security tools. Practice explaining your thought process when tackling security challenges, as this will showcase your problem-solving skills and expertise.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining the team at Thought Machine.
We think you need these skills to ace Application Security Engineer
Some tips for your application 🫡
Show Your Passion: When writing your application, let your enthusiasm for security and technology shine through. We want to see that you’re not just ticking boxes but genuinely excited about the role and what we’re building at Thought Machine.
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your relevant experience with application security, DevOps, and any specific tools mentioned in the job description. We love seeing how your unique skills can contribute to our mission!
Be Clear and Concise: Keep your application straightforward and to the point. Use bullet points where possible to make it easy for us to see your key achievements and skills. We appreciate clarity as much as creativity!
Apply Through Our Website: Don’t forget to submit your application through our website! It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it’s super easy to do!
How to prepare for a job interview at Thought Machine Group Limited
✨Know Your Stuff
Make sure you brush up on the OWASP top 10 vulnerabilities and be ready to discuss them in detail. Familiarise yourself with the security tools mentioned in the job description, like Burp Proxy and static code analysers, so you can confidently talk about your experience using them.
✨Show Your Passion for Security
Thought Machine is looking for someone who is not just technically skilled but also passionate about security. Be prepared to share examples of how you've mentored others in security practices or contributed to the security community through blogs or talks.
✨Demonstrate Your Problem-Solving Skills
Since this role involves tackling greenfield challenges, think of specific examples where you've creatively solved security issues in a DevOps environment. Highlight your ability to work autonomously and manage multiple projects simultaneously.
✨Engage with the Team Spirit
Thought Machine values collaboration and a fun workplace culture. During the interview, express your enthusiasm for working cross-functionally and how you can contribute to a positive team dynamic. Share experiences where teamwork led to successful security outcomes.