23 of 23 Application Security Jobs in the City of London

The Role Embed security best practices within the SDLC, collaborating with developers to ensure secure coding. Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications. Perform application security testing (SAST, DAST) and manual security code reviews. Implement and manage security tools such as SAST, DAST, SCA, and CI/… CD security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing … or software security engineering. Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET). Hands-on experience with SAST, DAST, SCA and security automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE More ❯

identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team … in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role … you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends More ❯

Job Title: Senior Security Engineer Manager: CISO Department: Cyber Security Division: Enterprise Information Technology Services Location: London, Hybrid Main Purpose: The MDU is undertaking an exciting digital transformation programme and to support this the Cyber Security Team is looking to appoint a Senior Security Engineer. Working closely with delivery teams covering strategic and non-strategic change … this role will provide subject matter expertise to keep the MDU, its data and, its member safe from cyber security threats. The Senior Security Engineer will be responsible for the delivery of security technologies in a range of projects and will therefore: Have a strong cyber security engineering or professional services background with experience of delivering … both large-scale and small-scale projects to a high quality in a fast-paced environment. Have a good practical knowledge of both traditional security technologies and modern security tooling to allow support of both the existing and new environments during the digital transformation. Have a proven track record of working in cross functional teams to successfully deliver More ❯

Security Systems Engineer - DevSecOps - Remote - Amazing role - to £70,0000 + Bens Once in a life time opportunity to join a scaling up tech company who are disrupting the digital security sector. My customer are an incredibly innovative scaling up tech company who are looking to recruit a Security Systems Engineer with experience of DevSecOps, AWS, and … + health + share scheme + flexible working + 25 days holidays. Complete remote role with quarterly meet-ups and customer site visits. Position Overview: We are seeking a security systems engineer who combines strategic oversight with strong hands-on capabilities. This role is pivotal in shaping the overarching technical security posture of our organisation while actively integrating … security into our development and operational workflows. The ideal candidate will bridge the gap between high-level security strategy and practical implementation, ensuring that our systems are secure by design and that security is embedded throughout the software development lifecycle. This individual will ensure that both our strategic security objectives and operational practices align with compliance More ❯

A great client of mine is hiring a Security-Focused Technical Consultant/Security Architect to join a highly regulated healthcare tech environment. You’ll work cross-functionally with engineering, architecture, and business teams to design secure solutions, manage risks, and ensure compliance across a portfolio of applications. Length: Initial 7 months with chance to extend or go … perm. IR35: Inside Work structure: Remote 🔐 Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective … security controls 🧠 Key Skills & Experience: 5+ years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and More ❯

an individual with deep technical expertise, strategic vision, and hands-on experience in building secure, AI-driven systems. As Director of Cybersecurity, you will oversee all aspects of our security architecture, operations, and threat intelligence functions—ensuring Nothreat’s platforms and clients remain resilient in an evolving threat landscape. You will also be expected to drive cross-functional collaboration … across product, engineering, compliance, and delivery teams, and lead the execution of complex, high-impact security initiatives. Key Responsibilities Define and drive Nothreat’s cybersecurity strategy across product, infrastructure, and operations. Lead security architecture reviews, threat modeling, and secure development practices across engineering teams. Oversee the implementation and operation of security controls, incident response plans, and risk … management frameworks. Work closely with the AI engineering team to address security implications of machine learning models and data pipelines. Evaluate and adopt new security technologies and frameworks aligned with our AI-powered platform. Collaborate with executive leadership on regulatory, compliance, and customer security expectations. Lead cross-functional cybersecurity initiatives across engineering, product, and operations, ensuring successful More ❯

Role Overview: Additional Information: Please note, this role requires working full-time onsite, five days per week. NON Negotiable We are seeking an experienced IT Security Engineer to become a vital part of a growing IT Department. This critical role will focus on protecting our information assets through robust cybersecurity measures, ensuring adherence to best practices, international standards, and … local regulations. Ideally suited to candidates who possess expert knowledge of security frameworks including NIST 800, ISO 27001, and cybersecurity guidelines from PRA, FCA, and ICO. Candidates with at least 3 years' relevant experience in finance or banking, particularly as an information security officer or involvement in regulatory technical projects, are strongly preferred. Key Responsibilities: Develop and maintain … cybersecurity policies and procedures, ensuring compliance with industry standards and local regulations. Real-time monitoring of cybersecurity incidents, including incident analysis, investigation, and mitigation. Oversee and maintain security equipment including firewalls, intrusion prevention systems (IPS), web application firewalls (WAF), and antivirus systems. Perform periodic security drills and regular penetration testing to ensure the integrity of security More ❯

About the Role: Altura Partners Cyber practice are partnered with a Cyber SaaS vendor looking for a Senior Cloud Security Engineer (internal facing), responsible for safeguarding their cloud and application environments. You'll be spearheading the design and deployment of security controls in thier AWS environment, adopting and extending existing controls in Azure AD/MDM, finding … and addressing posture gaps, and expanding our ability to protect data that really matters. What You'll Do: Design and implement security controls and secure-by-default architecture in AWS and Azure, including but not limited to IAM. Implement secure guardrails for cloud deployments in Terraform Investigate security incidents in conjunction with team, perform root cause analysis, and … recommend corrective actions Participate in on-call and security support responsibilities Collaborate with Engineering, Platform and Development teams to address security issues and implement best practices Develop and maintain security documentation; ISO, NIST and CIS. Stay updated on the latest security trends, vulnerabilities, and technologies to ensure robust protection against evolving threats What You'll Bring More ❯

Security Architect – AWS focused – London hybrid - £80,000 - £100,000 + Benefits + Bonus After continued success throughout 2024, and so far in 2025, our client is looking to further add to their Security Architecture team with an experienced Security Architect. Our client is looking for an Architect strong in Application Security, DevSecOps, and IAM. … designing and implementing secure architectures within AWS cloud environments, ensuring best practices are followed to protect applications, data, and infrastructure. The ideal candidate will collaborate with development, DevOps, and security teams to embed security into the software development lifecycle while leveraging cloud-native security tools. Main responsibilities: Design and implement secure architectures for applications and cloud-native … services within AWS. Develop and enforce DevSecOps principles by integrating security into CI/CD pipelines. Lead efforts in application security, including secure coding practices, threat modelling, and vulnerability assessments. Architect and manage IAM policies, roles, and permissions across AWS resources. Guide development teams on security best practices related to AWS security services such as More ❯

Senior Application Security Engineer Salary: up to £100,000 + bonus + benefits Location: UK – Remote This company is scaling its security function and is hiring Senior Application Security Engineers to help embed secure development practices across its engineering teams. You’ll play a hands-on role in identifying and resolving vulnerabilities, integrating security into the SDLC, helping developers create software that is secure, robust, and production-ready by design. You’ll be joining a high-impact security team at a pivotal point in the company’s growth. The environment spans legacy systems, enterprise-grade platforms, and greenfield builds – making it an ideal opportunity for individuals who thrive in varied, fast-paced … code changes via pull requests. Conduct secure code reviews and provide clear remediation guidance to engineering teams. Embed automated security checks into CI/CD pipelines using existing AppSec tools. Perform threat modelling and contribute to secure design decisions. Develop PoCs to demonstrate risk and impact of discovered vulnerabilities. Requirements: 5+ years of hands-on experience in application More ❯

week in London Public or Higher education experience is beneficial An established institution is seeking a Head of Cybersecurity to oversee its cybersecurity operations and establish a robust enterprise security strategy. This role will be instrumental in developing policies, implementing security solutions, and managing risks while ensuring compliance with industry standards and best practices. This role will include … between the business and technical, overseeing with technical knowledge but not hands on, focusing on stakeholder engagement. Key Responsibilities: Lead and manage a cybersecurity team, overseeing the implementation of security strategies. Develop and enforce cybersecurity policies, standards, and best practices. Conduct vulnerability assessments and manage compliance with security frameworks. Oversee security incident response, forensic investigations, and risk … mitigation strategies. Monitor networks and systems, ensuring proactive threat detection and response. Collaborate with internal stakeholders and external agencies to maintain a strong security posture. Provide cybersecurity training and guidance to staff and students. Lead cybersecurity projects, ensuring timely and cost-effective implementation. Stay up to date with evolving cybersecurity trends, regulations, and best practices. Essential Requirements: Degree in More ❯

Senior Application Security Engineer Hybrid From Any UK Hub (London, Swindon, Manchester, Glasgow, Belfast) Salary – Up to £100,000 Depending on experience + Discretionary Bonus + Additional Corporate Benefits Package The Client: A leading financial services firm requires a senior application security engineer! The Role: As a Senior Application Security Engineer here, you'll … sit within CTO, assisting a wide range of delivery teams in engineering secure solutions and protecting our member's money and data. As a senior security engineer, you will work cross-functionally to assess risk and help deliver countermeasures that protect our member's data. You will work will engineering teams to create solutions that solve or remediate security problems. This will involve a range of activities, including (but not limited to) threat modelling, selection and configuration of DevSecOps tools, high-level and detailed security designs. Key Responsibilities: We are seeking a Senior Security Engineer who has experience in the design and implementation of secure software. You should possess verifiable experience in: Strong technical knowledge - a More ❯

Senior Application Security Consultant 5 Months £585 per day (Inside IR35) 1-2 days per week on site in London The Application Security Consultant will support the increasing demand for Information Security skills across Group Functions. With an ability to review existing applications and also engage on new services being offered, this role is critical … to advising on how we embed security into our business operations. This role will also play a key role in realising our Security Improvement programme across a number of our business areas and will require effective communication with a wide range of colleagues both technical and non-technical. Principal accountabilities: 1. Security Design - Ensure projects consider security in the design by setting security needs and requirements to ensure alignment to L&G Security Policies and Standards, participating in Technology or Supplier selection as a security SME and applying threat and initial risk assessment approaches to select appropriate controls. Work with the Group wide Security Improvement Programme to ensure Group Functions services align More ❯

Our client is hiring an Engineering Manager to lead a newly formed security engineering team focused on safeguarding both traditional finance and digital asset platforms. Reporting directly to the CTO, this role is ideal for a seasoned security professional ready to define and execute a comprehensive security vision. The successful candidate will be responsible for shaping the … technical roadmap and mentoring a team of engineers who will design, build, and automate cutting-edge security controls across cloud infrastructure, application layers, and detection systems. The ideal candidate will bring over a decade of experience in security engineering, including at least three years in a leadership role within fintech, exchanges, or large-scale web environments. A … strong background in building automated security pipelines using Infrastructure as Code (IaC), along with expertise in scanning, secret detection, and exploit simulation, is essential. Proficiency in coding, coupled with a deep understanding of micro-services and distributed systems, will be key to driving innovation and resilience in the company's security posture. Responsibilities: Develop a multi-year security More ❯

We are working with a leading global law firm seeking an experienced and forward-thinking Application Engineer to take ownership of its legal technology stack and GenAI applications. This is a pivotal role focused on the deployment, maintenance, and optimisation of the firm’s core systems that support legal workflows, document and matter management, and AI-enhanced productivity. PLEASE … You will work closely with legal teams, vendors, and IT colleagues to ensure secure, innovative, and high-performing technology solutions. Reporting directly to the Head of Infrastructure and Information Security, this is a fantastic opportunity to shape the legal tech landscape of a global firm and collaborate regularly with senior stakeholders, including partners. Key Responsibilities: Manage and optimise the … GenAI applications (e.g., iManage Cloud, Intapp, M365 Copilot, ChatGPT Enterprise). Provide expert 2nd/3rd line support and lead on technical design and implementation of new tools. Ensure application security, stability, and performance through proactive maintenance and patching. Evaluate emerging legal tech and GenAI tools for innovation opportunities. Partner with legal teams to enable automation and AI More ❯

Product Security Engineer (FinTech) London (4 days onsite) | £80,000 to £90,000 + Benefits Are you a Product Security Engineer looking to make a real impact? We are working with a fast-growing FinTech that is reshaping the payments landscape. You will collaborate with engineering teams to build security into products from day one, focusing on … architecture, threat modelling, and risk management. This is not a hands-off role. You will be the go-to advisor for product teams, helping them understand risk, make informed security decisions, and deliver innovative, secure solutions at scale. What you will do Conduct security assessments and drive a secure-by-design culture Collaborate with engineering teams on cloud … you will bring 3 to 5 years in Cyber Security, Product Security, or Secure Software Development Strong knowledge of GCP (primary), AWS, Azure Experience with threat modelling, AppSec, and security in CI/CD pipelines Ability to communicate security concepts clearly and balance risk with business priorities A collaborative, pragmatic approach Why join Shape security More ❯

The role is hybrid 1 day a week in their London Office. The Specialist Application Security Engineer will play a pivotal role in ensuring the integrity and security of our applications across various platforms. You will lead the charge in implementing robust security measures, collaborating closely with cross-functional teams to fortify our defenses against cyber … threats. KEY ACCOUNTABILITIES & RESPONSIBILITIES Focused on application security initiatives across cloud and on-premises environments, employing a diverse suite of tools including Semgrep for SAST, Snyk for SCA, GHAS for secret scanning, Burp Suite for DAST, and python for automation. Forge partnerships with external vendors to optimize and seamlessly integrate security tools into our application security workflow, ensuring comprehensive coverage and operational efficiency. Drive the seamless integration of application security processes into development pipelines, leveraging Azure DevOps (ADO), GitHub Actions, and similar tools for streamlined automation. Actively contribute to the formulation and enforcement of application security policies and procedures, utilizing advanced tool capabilities to mitigate risks effectively. Engage with internal stakeholders More ❯

Cloud & Security Platform Lead A well-known British motoring company are looking for a Cloud & Security Platform Lead to join them in what is a brand new position for the company. There’s a lot of scope here for you to have a real impact on their cloud platform. Joining a team of 10, you’d be responsible … for leading the strategy (and setting standards across the department) behind their cloud and security technology, with a focus on working with AWS, which is their cloud provider of choice. What’s in it for me? You’ll get a salary of up to £100K for the role as well as a wide range of benefits. These include an … native application development and microservices architecture. Security is a key aspect of the role, covering both hands-on implementation and compliance. The focus will primarily be on AppSec, encompassing principles and practices such as firewalls, intrusion detection and prevention systems, encryption, and endpoint protection. On the compliance access you’ll need an understanding of security standards and More ❯

plugins, bots, and SSO/LDAP connectors Harden, secure, and monitor platforms with TLS, OAuth2, RBAC , and Zero Trust principles Troubleshoot and support complex platform deployments Collaborate with DevOps, AppSec, and engineering teams Document everything from architecture and configuration to custom builds WHAT YOU NEED TO BE SUCCESFUL Strong hands-on experience with Docker & Kubernetes in live production environments Scripting More ❯

Contract Opportunity: Application Developer – SC Cleared 📍 Hybrid: 3 days on-site (London SW1A), 2 days remote 📅 Start: ASAP | Contract until March 2026 💼 Outside IR35 | £550 per day We’re hiring a Developer/Platform Engineer with active SC clearance to help deliver and maintain scalable, secure, and flexible communication platforms for a critical national programme. This is a unique … plugins, bots, and SSO/LDAP connectors Harden, secure, and monitor platforms with TLS, OAuth2, RBAC , and Zero Trust principles Troubleshoot and support complex platform deployments Collaborate with DevOps, AppSec, and engineering teams Document everything from architecture and configuration to custom builds WHAT YOU NEED TO BE SUCCESFUL Strong hands-on experience with Docker & Kubernetes in live production environments Scripting More ❯

process improvements and optimisations Support in compliance reviews and assessments Engage with projects to scope assessments and provide close out feedback to the project teams Collaborate with the wider Security Operations teams to enable better utilisation of results. Technical Requirements: Advanced with offensive tools such as: Metaspoit, Kali Linux, Cobalt Strike, Mimikatz, Burpsuite or similar tools Good knowledge of … creating scripts in preferred scripting language Technical expertise in system security vulnerabilities and remediation techniques, network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, etc.) Technical expertise in security engineering, system and network security, authentication and security protocols Highest level of technical expertise in cybersecurity, including deep familiarity with relevant penetration and intrusion … techniques and attack vectors Familiarity with the Open Web Application Security Project (OWASP) top 10 vulnerabilities Rate & Duration: £550 - £600 per day 6 Months Penetration Tester - £550 - £600 Per Day – London (Hybrid) – 6 Months - Financial Services More ❯

individuals with strong technical skills and a proactive mindset, eager to make a tangible impact across a wide range of client environments. Working on mission critical projects across National Security, Critical National Infrastructure and Defence the Senior Penetration Tester will liaise with highly-skilled teams acting as a trusted advisor. Key Responsibilities: Conduct hands-on internal penetration tests in … such as CTM, CSTM, CTL, CSTL, OSCP, or CREST/Cyber Scheme qualifications. Brings specialist knowledge in one or more areas of penetration testing – this could include mobile app security, cloud environments, operational technology (OT), or specific sectors such as telecommunications, defence, or maritime. Demonstrates a strong desire to contribute to the growth of the team – whether by supporting More ❯

Application Security Engineer - FinTech Our client is a growing FinTech, building cutting edge trading platforms for hedge funds and investment managers around the world. In London, they’re looking for an Application Security Engineer, with strong Penetration Testing experience, to join them. This is an initial 6 month contract, hybrid working (3 days a week in … the office), outside IR35 and paying ~£550 - £600 per day. This hire is part of a security -focused transformation and you’ll be responsible for identifying and mitigating security vulnerabilities, and risk, within their applications. You’ll focus on building security tools, penetration testing and performing security assessments, whilst updating internal security processes and documentation … the process. Required: Strong experience as an App Sec Engineer Extensive experience of Penetration Testing Hands-on experience with tools such as Burp Suite and Metasploit Capable of designing Security policies, procedures and best practices The ability to investigate and respond to Security related incidents within applications, and work closely with Dev teams throughout API Testing experience (with More ❯