2 of 2 Application Security Jobs in Central London

A leading Fintech/Payments company is looking for a proactive and technically skilled Application Security Engineer/DevSecOps to champion secure development practices across our software delivery lifecycle. In this role, youll play a key part in identifying and reducing application-layer risks, integrating security into the development pipeline, and ensuring that security considerations … are embedded throughout the SDLC. Working closely with engineering and platform teams, youll help automate security processes, lead threat modelling exercises, and continually improve the organisations application security posture. Key Responsibilities Secure Development Lifecycle (SDLC) Experience working with static and dynamic code analysis tools (SAST, DAST) is essentialwhile you dont need to have set them up, you … should have collaborated with developers to ensure code is scanned and critical vulnerabilities are blocked in the pipeline. Integrate security controls into CI/CD pipelines and development workflows. Manage and monitor SAST, DAST, and SCA tools to detect vulnerabilities early in the lifecycle. Conduct secure code reviews and support remediation efforts. Threat Modelling & Architecture Review Requirements (Primarily Essential More ❯

A leading fintech company is seeking a Lead AppSec Engineer to join their established team. Youll be instrumental in embedding security into every stage of the software development lifecycleguiding engineers, shaping best practices, and driving secure, scalable solutions across our platform. Key Responsibilities: Security Advisory : Serve as the go-to expert for application security across engineering … teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation : Integrate security tools (e.g. … SAST, DAST, SCA, secrets scanning) into developer workflows, ensuring automation is both scalable and developer-friendly. Cloud Security Collaboration : Work alongside infrastructure teams to ensure secure configuration of AWS and Azure environments, with a focus on IAM, network security, encryption, and observability. Architecture & Design Reviews : Provide input and recommendations to ensure new services and features are secure by More ❯