20 of 20 Application Security Jobs in Central London

We’re partnering with a leading retail & digital brand to hire an DevSecOps Engineer who’ll embed AppSec across modern CI/CD—scaling automation, owning the tooling stack and enabling engineers to ship secure software at pace. Responsibilities Focused on application security initiatives across cloud and on-premises environments, employing a diverse suite of tools including Semgrep … for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and scripting for automation. Forge partnerships with external vendors to optimize and seamlessly integrate security tools into our application security workflow, ensuring comprehensive coverage and operational efficiency. Drive the seamless integration of application security processes into development pipelines, leveraging Azure DevOps (ADO … GitHub Actions, and similar tools for streamlined automation. Actively contribute to the formulation and enforcement of application security policies and procedures, utilizing advanced tool capabilities to mitigate risks effectively. Engage with internal stakeholders to foster awareness and understanding of application security measures, emphasizing the pivotal role of tooling and automation in mitigating vulnerabilities Essential A minimum More ❯

Your new role - Permanent - ON SITE 5 Days per week. You will be required to obtain security clearance and undergo vigorous onboarding checks - UK Only. Sponsorship NOT available. The main purpose of this job mainly focusses on information security, cybersecurity, and data security, including a wide scope, such as physical security of computer rooms, operating system … level security of Windows and Linux, network security of firewall and other security devices, application security both development and testing phrases, terminal security, backup security, third party and supply chain security of IT service provider. Liaison with the Head Office, Security Operation Centre or Data Centre for implementing security policies … projects and security controls. Work with Internal Audit and other departments to execute penetration tests, cybersecurity risk self-assessment, ensure best practice and international baseline standards are in place and in line with local regulations. The ideal candidate will be responsible for managing information security systems, ensuring compliance with regulatory requirements, and conducting thorough security audits. You More ❯

We're team Granola 👋 If you haven't already, you should check out what we're building, and why you should work here. We're looking for our founding security engineer who is passionate about application security to help us protect our users and build trust as we scale. In this role, you will be responsible for … identifying and mitigating security vulnerabilities within Granola's applications, building security tools, and working closely with our development teams to integrate security throughout our software development lifecycle. You'll help establish a robust security culture as we unlock Granola for the next 100x users. In this role, you will: Conduct security assessments, code reviews, and … penetration testing to identify vulnerabilities in our applications Design and implement security tools, frameworks, and methodologies to protect against security threats Work closely with development teams to ensure secure coding practices are integrated throughout the SDLC Perform threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies Track, analyse, and manage vulnerabilities in applications More ❯

Job Title: Information Security Architect Location: London Hybrid Working: 50% Remote/50% Office Leading Financial Services/FinTech are seeking a highly technical and broad Information Security Architect to join their security architecture team. This is a key position responsible for ensuring that the design, delivery, and operation of systems and services meet the highest security architecture and compliance standards. Information Security Architect will provide architectural leadership across multiple security domains — combining deep hands-on technical security expertise with strategic enterprise security architecture thinking. You will play a critical role in embedding security throughout the technology landscape, from solution-level security reviews to security solutions and enterprise-wide … security architecture standards. This role requires a balance of security solution architecture, technical review and assurance, and enterprise security architecture skills. You will define and validate security controls, assess new technologies, perform security design reviews, and ensure security-by-design principles are consistently applied across hybrid, on-premise, and cloud environments. Key Responsibilities Serve More ❯

A leading fintech company is seeking a Lead AppSec Engineer to join their established team. Youll be instrumental in embedding security into every stage of the software development lifecycleguiding engineers, shaping best practices, and driving secure, scalable solutions across our platform. Key Responsibilities: Security Advisory : Serve as the go-to expert for application security across engineering … teamsproviding hands-on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement : Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management : Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation : Integrate security tools (e.g. … SAST, DAST, SCA, secrets scanning) into developer workflows, ensuring automation is both scalable and developer-friendly. Cloud Security Collaboration : Work alongside infrastructure teams to ensure secure configuration of AWS and Azure environments, with a focus on IAM, network security, encryption, and observability. Architecture & Design Reviews : Provide input and recommendations to ensure new services and features are secure by More ❯

Information Security Manager - £80K - £100K Our client is a leading software as a service (SaaS) firm growing within insurance FinTech. Baded in central London, offering good hybrid/flexible working, they’re looking for an Information Security professional to lead their InfoSec function. You’ll work directly with the C Suite to create and deliver the security strategy, information security framework and risk mitigation activities for the company. You’ll have the chance to be involved in everything from security assessments and threat modelling to penetration testing, coding, triage of security events, ownership of policies and procedures and even working with development and engineering teams to drive application security and DevSecOps … A very varied role! Requirements: Proven experience as an Information/Cyber Security Manager Experience being the "go to" for InfoSec Extensive and broad cyber and information security (InfoSec) experience Knowledge of concepts such as ethical hacking, network security, application securty, penetration testing and cryptography etc Strong IAM and Risk understanding Good Cloud and DevSecOps knowledge More ❯

Head of Information Security - FinTech - £100K+ Our client is one of the country’s fastest growing FinTechs. Based in central London, hybrid working, they’re looking for a Head of InfoSec to join them, champion security and take the lead across DevSecOps, application security, ops and … governance. You’ll have the chance to own security for the company and drive it forwards, leading a team of exceptional engineers. You’ll be able to drive AppSec and secure development practices, overseeing SOC and lead GRC and Risk Management along with IT Ops and Platform teams. This is an incredible opportunity to head up InfoSec for a … growing, cutting-edge FinTech – Not something to miss! Requirements: Great AppSec experience and experience owning an Application Security program Strong knowledge of running Security Operations, monitoring, incident response etc Excellent GRC knowledge – GDPR, ISO etc Proven communication skills Experience of leadership around risk Track record of building a team and developing people Strong knowledge of modern IT More ❯

Hybrid 3 days | Permanent Role Overview: Manage and support Azure cloud platform operations with a focus on Infrastructure as Code, network operations, and identity management whilst ensuring platform reliability, security, and performance across Azure environments. Key Characteristics: Azure Platform Operations - Extensive hands-on experience managing and supporting Azure environments including Virtual Machines, Azure Storage (Blob, Files, Disks), Azure SQL … Database, App Services, Azure Functions, and container services (ACI, AKS). Proficient in Azure Monitor, Log Analytics, Application Insights, cost management and optimisation, resource tagging strategies, and maintaining platform availability through proactive monitoring and incident response. Infrastructure as Code (Terraform) - Strong working knowledge of Terraform for provisioning and managing Azure infrastructure including writing and maintaining Terraform modules for Azure … through workflows. Experience with version control (GitHub/ADO), code reviews, and understanding of infrastructure drift detection and remediation. Configuration Management (Ansible) - Proficient in using Ansible for configuration management, application deployment, and orchestration tasks across Azure VMs. Experience writing playbooks for Azure resources, using Azure dynamic inventory, managing Azure-specific modules, and automating routine operational tasks across environments hosted More ❯

junior team members through design discussions and code reviews, fostering an open and constructive workplace culture. Enhance test automation , either by improving the platform or adding new tests. Ensure application security aligns with CFC Application Security Standards . Validate APIs against CFC API Standards . More ❯

you to achieve success faster and more effectively. Role Overview As a Senior Software Engineer, you will play a pivotal role in architecting and developing our next-generation web application and API. This role requires technical leadership, hands-on development, and mentoring of junior developers. You will drive the adoption of best practices, ensuring scalability, security, and performance. … record of leading development teams and managing large-scale projects. Database Expertise: In-depth experience with PostgreSQL/SQL, including design of complex schemas, writing queries and performance optimisation. Security & Performance: Deep understanding of application security best practices, performance tuning, and scalable architecture. Problem-Solving: Ability to troubleshoot complex technical issues, with a proactive and solution-oriented More ❯

Internal Pentester to join an international client secure their networks. This critical role, based in London (2-3 days per week), requires deep expertise in conducting manual and automated security assessments across networks, applications, cloud platforms, and infrastructure. You will identify and exploit vulnerabilities, simulate real-world attacks, and deliver actionable remediation guidance to strengthen defenses. Key Responsibilities: Plan … and execute penetration tests - perform manual and automated testing across applications, APIs, internal/external networks, cloud environments, and Active Directory. Identify, exploit, and validate vulnerabilities - uncover security flaws such as insecure authentication, authorization bypasses, misconfigurations, and privilege escalation paths. Simulate real-world attacks - use adversary techniques and offensive tools to test the resilience of networks, systems, and security controls. Develop detailed reports - produce both technical and executive-level documentation outlining findings, risk impact, and remediation steps What You Will Ideally Bring: Application security knowledge - strong grasp of OWASP Top 10 and API security issues.Contract Details: Hands-on pentesting experience - 3-7+ years in penetration testing, red teaming, or offensive security across networks More ❯

Information Security Analyst - £80K Our client is a leading Software-as-a-Service (SaaS) development company – They build bespoke Big Data solutions for financial services, pharma and ecommerce client around the world. Offer great remote/hybrid flexible working, they’re looking for an experienced Cyber Security Analyst to join them. You’ll work directly with the CSO … and SOC team to create and deliver the security strategy, information security framework and risk mitigation activity for the company. You’ll have the chance to be involved in everything from security assessments and threat modelling to triage of security events, ownership of policies ad procedures and even working with development and engineering teams to drive … application security. Requirements: Proven experience as an Information/Cyber Security Analyst Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) or equivalent Extensive cyber and information security (InfoSec) experience Experience of working in demanding, environments Good undersyanding of Windows, Cloud and IT infrastructure Excellent communication skills More ❯

This global insurance firm seeks a Cyber Security Consultant to work on large IT and business change projects across the company. You will work with senior stakeholders and technical teams, advising on security requirements, assessing security controls, managing cyber … assessments and suggesting remediations. The successful candidate will have a technical security background with good experience of conducting security assessments, the ability to review architectural diagrams, good AppSec or DevSecOps experience, and knowledge of cloud security (any platform). The role would be suit someone who is working as a senior security consultant or security More ❯

IT Security Engineer- £70K Our client is a leading London professional services and law firm, they work with client in technology, financial services, pharma and ecommerce around the world. Offer great remote/hybrid flexible working, they’re looking for an experienced InfoSec/Cyber Security Engineer to join them. You’ll work directly with the CSO and … SOC team to create and deliver the security strategy, information security framework and risk mitigation activity for the company. You’ll have the chance to be involved in everything from security assessments and threat modelling to triage of security events, ownership of policies and procedures and even working with development and engineering teams to drive application security. Requirements: Proven experience as an Information/Cyber Security Engineer Extensive and broad cyber and information security (InfoSec) experience Knowledge of concepts such as ethical hacking, network security, penetration testing and cryptography etc Good understanding of Windows, Cloud and IT infrastructure Excellent communication skills More ❯

A leading fintech company is seeking a Lead AppSec Engineer to join their established team. Youll be instrumental in embedding security into every stage of the software development lifecycleguiding engineers, shaping best practices, and driving secure, scalable solutions across our platform. Key Responsibilities: Security Advisory : Serve as the go-to expert for application security across engineering More ❯

A leading fintech company is seeking a Lead AppSec Engineer to join their established team. Youll be instrumental in embedding security into every stage of the software development lifecycleguiding engineers, shaping best practices, and driving secure, scalable solutions across our platform. Key Responsibilities: Security Advisory : Serve as the go-to expert for application security across engineering More ❯

and Mainframe data systems to support secure data exchange, authentication services, and integration between legacy and modern platforms. The ideal candidate will combine data engineering fundamentals with middleware/security gateway expertise , ensuring data integrity, authentication, and performance across complex enterprise environments. Key Responsibilities: Design, implement, and maintain IBM DataPower Gateway solutions for secure API, web service, and data … systems (z/OS, DB2, MQ) and modern data platforms. Develop, test, and optimise data flows, ensuring scalability, performance, and compliance . Troubleshoot DataPower and mainframe data connectivity or security issues. Work closely with application, security, and infrastructure teams to support enterprise data exchange initiatives. Skills & Experience: Strong hands-on experience with IBM DataPower Gateway (XI52/ More ❯

opportunity to be a foundational hire, shaping the future of a product designed to protect hundreds of millions of users. We are building two core products: the Telco-Verified Security Shield (our primary, pre-call fraud detection) and the Personal Welcome Manager (our premium, AI-powered call screening experience). As the Senior Android Engineer for the Welcome Manager … an expert in designing for our < 1000ms V2V (voice-to-voice) latency budget, ensuring the entire UX flow feels fast and responsive. ? API & Backend Integration: Partner with our backend (Application & AI Orchestration) engineers to define and integrate the client-side APIs and data models required to power the Welcome Manager's features, from live transcription to post-call entity … extracted summaries. ? MWC Demo Ownership: Be directly responsible for the polish, stability, and performance of the Welcome Manager application for its critical debut at MWC 2026. ? Cross-Functional Partnership: Collaborate closely with the other Senior Android Engineer (who owns the native CallScreeningService and Security Shield overlay) to ensure a seamless and unified user experience between our two core More ❯

MS SECURITY SME DEFENDER ITALIAN FLUENT A MUST 100%% 100% REMOTE UK UP TO £80K DOE + BENEFITS (28 DAYS HOLIDAY AND 3% PENSION) Our client the largest IT solutions provider in the world are seeking to recruit a MS Defender Engineer and you will bring the below skill set: Your specific responsibilities will include: FLUENT IN ITALIAN AND … change and clarity Qualifications Recommended: The ideal candidate will have a two-year degree or the equivalent in work experience and preferably 3 years’ Customer Support and/or security experience. The successful candidate will have the ability to communicate effectively with corporate customers, possess an understanding of the Onboarding process and demonstrate a vision for the future of … handle difficult and sensitive situations involving the most critical and politically charged customer situations. Minimum Experience: A minimum of 1 year of hands-on experience deploying, configuring and administering security solutions, ideally MDE/MDO/MCAS/MDI/M365 Defender in large organizations of more than 1,000 managed devices/users, covering the following areas MDE More ❯

numerical methods, plus floating-point stability and mixed precision Formal methods & rigorous testing: model checking, property-based testing, fuzzing Security: applied crypto (use of vetted libs), web/appsec, sandboxing (seccomp/AppArmor), secrets/keys Distributed systems & consensus (Raft/Paxos), consistency models, backpressure, idempotency Build systems & developer tooling: Bazel/CMake, reproducible builds, hermetic CI, static analysis More ❯