1 to 25 of 84 Application Security Jobs in the UK excluding London

and hands-on expertise to help security and engineering teams across the enterprise embed security into the product development lifecycles. This role is the key advisor on AppSec standards, secure development practices, threat modelling, and security tooling (e.g. SAST, DAST, SCA, IaC scanning, container security, etc.), ensuring consistency and maturity in how applications are built and … Application Security and SSDLC strategy, including short, mid, and long-term goals aligned with the group's security posture and digital transformation initiatives. Develop and maintain AppSec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global … secure development policy, including approved tools, practices, and coding standards. Technology & Tooling Strategy: Evaluate, recommend, and support the rollout of AppSec tools such as SAST, DAST, SCA, container and IaC scanners, runtime protections, and CI/CD pipeline integrations. Collaborate with platform and DevOps teams to ensure tool integration and automation into developer workflows across brands. Provide architecture guidance on More ❯

heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If you are passionate about cybersecurity … and eager to make a real impact, we want you on our team! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle … software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to More ❯

Lead IT Application Security Manager | £85k | Hybrid (once/week) - London We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a IT Application Security … its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security left - bringing DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: Leading the cultural shift towards DevSecOps across multiple product teams Embedding … security requirements and tooling into the SDLC from the ground up Defining and implementing a product security strategy aligned with business goals Collaborating with developers to automate and streamline security testing Supporting pen test activity and guiding secure remediation efforts Serving as an internal SME on application and cloud security matters Keeping documentation, training, and More ❯

you. Our ambitions to shape the future of sustainable mobility are powered by our talent. Join us, and get better with every move. We are looking for a Cyber Security Manager to join the Information Security team on a permanent basis, based at our Bristol office Overall Job Purpose: To collaborate with and support UK business divisions and … other Digital & IT teams, to provide advice guidance and help manage the business' Cyber and Operational Security risks. Build close relationships and liaise with Ayvens Central Security on operational security, internal control and incident response as required. To actively remain informed and educated in respect of new and evolving areas of Technology, Information and Cyber security and be a proactive champion of security within the business. Key Accountabilities: Cyber Security Provide Cyber Security advice to the business in respect of changes, new products, proposed business strategies and projects to ensure that Ayvens UK achieves its business objectives safely and securely. Develop, implement, document, and maintain effective security controls supported by periodic More ❯

month contract in a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code … IaC) using Terraform. Their ideal candidate will have a strong background in cloud security best practices, automation, and a proactive approach to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. … Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure-based infrastructure using Terraform, ensuring adherence to security best practices by developing, maintaining, and optimizing Terraform code. DevOps Pipeline Development and Maintenance: Design, develop, and optimize Azure DevOps pipelines More ❯

Job Title: WAF & Application Security SME Location: Birmingham (Hybrid - 60% office/40% home, 3 days in the office mandatory) Salary/Rate: £480 Per Day - Inside IR35 Start Date: 15/09/2025 End Date: 15/09/2026 Job Type: Contract Company Introduction We have an exciting opportunity for a skilled Web Application Firewall (WAF) & Application Security Subject Matter Expert to join a high-profile programme. This role is pivotal in enhancing and tuning WAF solutions across a variety of applications to improve security posture and protect against advanced web-based threats. Job Responsibilities/Objectives You will be responsible for designing, testing, tuning, and implementing advanced WAF configurations … WAF management, tuning, and engineering, with a strong understanding of web application security principles. Proven ability to proactively identify and mitigate false positives. Background in SOC, CSIRT, AppSec, or Ethical Hacking with hands-on log analysis experience. Proficiency in analysing traffic patterns using tools such as Splunk, Wireshark, or custom scripts. Experience working with at least three major More ❯

everybody for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 The role of Cyber Security Consultant sits within the Cyber Security team in Three UK, which is responsible for providing subject matter expertise and guidance to business units across Three's Network and … policy and standards. In this role you will have a broad and challenging remit, you will therefore need to be flexible and agile in your approach, switching between different security disciplines within the team as necessary. You will be engaging in the delivery of multiple business initiatives by introducing baseline and enhanced security requirements and supporting their implementation … through guidance and advice. You will also be recommending security solutions and then providing design input and technical approvals, assurances, and governance of deliveries that the project carries out with our colleagues and partners. Within the Security team itself you will be expected to collaborate with the wider team and security colleagues providing technical support and guidance More ❯

benefits to support your finances, wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available The role We are seeking an experienced and visionary Head of Cyber Security Technology who will work across the SSE Group and deputise for the Group Chief Information Security Officer. The role holder will lead a small team to drive IT … and OT cyber security strategic direction and define and govern enterprise security architecture and will be the technical cyber security authority for the Group while also leading the Group wide IT security risk position working closely with Group IT. You will Develop and maintain the enterprise cyber security architecture for the Group including development of … the requirements of both IT and OT that aligns with industry standards, regulatory requirements and best practice in support of high risk and critical programmes and projects. Lead IT security risk position and lead consulting and assurance engagement into Group IT products and services. This includes overseeing the IT security risk position and mitigation planning. Management and challenge More ❯

benefits to support your finances, wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available The role We are seeking an experienced and visionary Head of Cyber Security Technology who will work across the SSE Group and deputise for the Group Chief Information Security Officer. The role holder will lead a small team to drive IT … and OT cyber security strategic direction and define and govern enterprise security architecture and will be the technical cyber security authority for the Group while also leading the Group wide IT security risk position working closely with Group IT. You will Develop and maintain the enterprise cyber security architecture for the Group including development of … the requirements of both IT and OT that aligns with industry standards, regulatory requirements and best practice in support of high risk and critical programmes and projects. Lead IT security risk position and lead consulting and assurance engagement into Group IT products and services. This includes overseeing the IT security risk position and mitigation planning. Management and challenge More ❯

benefits to support your finances, wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available The role We are seeking an experienced and visionary Head of Cyber Security Technology who will work across the SSE Group and deputise for the Group Chief Information Security Officer. The role holder will lead a small team to drive IT … and OT cyber security strategic direction and define and govern enterprise security architecture and will be the technical cyber security authority for the Group while also leading the Group wide IT security risk position working closely with Group IT. You will Develop and maintain the enterprise cyber security architecture for the Group including development of … the requirements of both IT and OT that aligns with industry standards, regulatory requirements and best practice in support of high risk and critical programmes and projects. Lead IT security risk position and lead consulting and assurance engagement into Group IT products and services. This includes overseeing the IT security risk position and mitigation planning. Management and challenge More ❯

benefits to support your finances, wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available The role We are seeking an experienced and visionary Head of Cyber Security Technology who will work across the SSE Group and deputise for the Group Chief Information Security Officer. The role holder will lead a small team to drive IT … and OT cyber security strategic direction and define and govern enterprise security architecture and will be the technical cyber security authority for the Group while also leading the Group wide IT security risk position working closely with Group IT. You will Develop and maintain the enterprise cyber security architecture for the Group including development of … the requirements of both IT and OT that aligns with industry standards, regulatory requirements and best practice in support of high risk and critical programmes and projects. Lead IT security risk position and lead consulting and assurance engagement into Group IT products and services. This includes overseeing the IT security risk position and mitigation planning. Management and challenge More ❯

Security Development & Test Director 6 Months Hybrid - Birmingham 2 days per week on site £800 per day (Inside IR35) We are currently recruiting for a dynamic Security Development and Test Director to join our growing Security team. This is a great opportunity for you to play a pivotal role in helping to shape our client's transformation … journeys. *** Please note - The selected candidate must be eligible for UK Security Clearance *** The Security Development and Test Director is responsible for overseeing the secure software development lifecycle, security testing, and DevSecOps practices at both strategic and operational levels. The role ensures the effectiveness of security practices in software development, manages security testing, drives operational … maturity improvements, and oversees secure coding practices. Operating at SFIA Level 6, the role requires the initiation, definition, and oversight of high-impact security development and testing activities. The Director is responsible for aligning security initiatives with business objectives and ensuring the organisation's resilience against evolving threats. Using your background in managing complex development and testing programs More ❯

The Role We are looking for an exceptionally seasoned Security Architect with over 15 years of progressive experience, including extensive leadership in designing and implementing robust security architectures, particularly within large-scale cloud environments and the highly regulated financial domain. This role demands a deep understanding of complex security challenges, a proven track record of strategic influence … and the ability to translate business requirements into secure, scalable, and compliant technical solutions. Your responsibilities: Strategic Security Leadership: Define, evangelize, and evolve the overall cloud security architecture strategy and roadmap, aligning with business objectives, relevant European regulatory requirements (e.g., GDPR, DORA, PSD2, NIS2 Directive), and industry best practices. Act as a trusted security advisor to senior … leadership, engineering teams, and business units on all aspects of cloud security. Lead the development and implementation of security architectural standards, patterns, and guidelines for cloud-native and hybrid-cloud deployments. Solution Design & Assurance: Provide expert security architecture guidance for critical enterprise applications, infrastructure, and data platforms, with a strong focus on secure-by-design principles. Conduct comprehensive More ❯

We are currently looking for a WAF & Application Security SME to join an existing team at one of our retail banking clients. The role will be working on the enhancement of a Web Application Firewall across multiple solutions and applications and will be pivotal in crafting, testing, and implementing advanced WAF uplifts. This role involves a strong … cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning and configuration recommendations. The ideal candidate will have experience in SOC or CSIRT and AppSec or Ethical Hacking for in-depth log analysis and have previously worked with at least three major WAF vendors such as Akamai, F5, AWS, GCP, etc. Key Responsibilities Identification and … strong understanding of web application security principles. Proven track record of proactively identifying and mitigating false positives to optimize WAF performance. Background in SOC or CSIRT and AppSec or Ethical Hacking, demonstrating hands-on experience for the key responsibilities Proficiency in log analysis tools and techniques, with the ability to identify patterns and anomalies in web traffic Experience More ❯

Security Engineer Level: Mid-Level Location: One of our London, Basingstoke or Bristol offices, minimum of 2 days per week Team: Security/Engineering Salary: £48,120 - £64,150 About the Role: Welcome to Hawk-Eye Innovations; I'm Jon, the Senior Security Engineer at Hawk-Eye and the hiring manager for this position. We are looking … for a Security Engineer with a strong foundation in application and cloud security to help protect our organisation's digital assets and support the secure development of our products and infrastructure. You will work cross-functionally with engineering, product, and operations teams to embed security best practices across the software development lifecycle. This is an exciting … opportunity to make a meaningful impact on the security posture of a fast-moving technology environment while growing your expertise in modern cloud and application security. Key Responsibilities: Conduct security reviews and audits of applications and cloud infrastructure Implement security controls and testing into CI/CD pipelines Identify and remediate vulnerabilities in applications and cloud More ❯

Security Engineer Level: Mid-Level Location: One of our London, Basingstoke or Bristol offices, minimum of 2 days per week Team: Security/Engineering Salary: £48,120 - £64,150 About the Role: Welcome to Hawk-Eye Innovations; I'm Jon, the Senior Security Engineer at Hawk-Eye and the hiring manager for this position. We are looking … for a Security Engineer with a strong foundation in application and cloud security to help protect our organisation's digital assets and support the secure development of our products and infrastructure. You will work cross-functionally with engineering, product, and operations teams to embed security best practices across the software development lifecycle. This is an exciting … opportunity to make a meaningful impact on the security posture of a fast-moving technology environment while growing your expertise in modern cloud and application security. Key Responsibilities: Conduct security reviews and audits of applications and cloud infrastructure Implement security controls and testing into CI/CD pipelines Identify and remediate vulnerabilities in applications and cloud More ❯

Senior Cyber Security Architect page is loaded Senior Cyber Security Architect Apply locations Belfast Birmingham Derry-Londonderry Homeworker - UK time type Full time posted on Posted 2 Days Ago job requisition id JR_15730 Join Kainos and Shape the Future At Kainos, we're problem solvers, innovators, and collaborators - driven by a shared mission to create real impact. … that celebrates creativity and collaboration. Ready to make your mark? Join us and be part of something bigger. Main purpose of role & level in the business: As a Senior Security Architect in Kainos, you'll be responsible for the design and application of industry leading security practices in the platforms and services we build for our customers. … in variety, from visa and passport processing systems tohospitalmedical record platforms and globalfinancial management andHCM systems. You'll work with Agile delivery teams to ensure that they follow good security practices throughout the software development journey. You'll learn about and apply new technologies and approaches, with talented colleagues who will help you develop and grow. You'll share More ❯

As a Security Architect (Consultant) in Kainos, you'll be responsible for the design and application of good security practices in the platforms and services we build for our customers. You'll work with Agile delivery teams to develop good security practices throughout the software development journey. You'll learn about and apply new technologies and … provide direction and leadership for your team as you solve challenging problems together. Experience in the secure design and delivery of new cloud services and solutions. Experience in identifying security issues in existing system designs or products, including recommending sensible mitigations that balance cost, risk and usability. Knowledge of security standards and regulations (e.g. NCSC, ISO, SoC, NIST … PCI, GDPR). Experience in application architecture, software development and/or infrastructure architecture. Experience testing the security of software and infrastructure using appropriate security tools. Experience with Continuous Security, Continuous Integration and Continuous Delivery techniques. Experience of network security (e.g. OSI, TCP/IP), web application security (e.g. OWASP) and cryptographic controls More ❯

Your role at Dynatrace We're looking for a Lead Information Security Analyst with deep expertise in Salesforce (SFDC) security to help safeguard our enterprise systems and support secure digital transformation. Dynatrace exists to make the world's software work perfectly. Our unified software intelligence platform combines broad and deep observability and continuous runtime application security … values, ideas, and expertise. These qualities are what make our global team stronger and more seasoned. We're fueled by the diversity of our talented employees. • Represent the Corporate Security team in the selection and implementation of large ERP type packages. Most specifically SFDC but others as well. • Train and coordinate with systems application owners, data custodians, technical … leads, and business impact analysts on security standards, guidelines, and vendor risk management of the systems within the organization and sub organizations. • Build relationships with Dynatrace Business Systems application teams. • Create, conduct, and report on security audits and assessments for all systems applications (custom, SaaS and 3rd Party applications). • Provide guidance and support over the teams More ❯

Our client, a leading global organization, is partnering with a prestigious end client based in Reading. Were excited to offer an outstanding opportunity for a Security Architect with strong background in financial services to join a dynamic team on an initial 6-month contract. If you are interested and have the relevant skills and experience, please apply promptly to … discuss further. Location: Reading, UK (Hybrid 4 days onsite) Contract Duration: 6 Months Rate: £700 - 750 Inside IR35 About the Role We are seeking an exceptionally experienced Security Architect to join a major transformation programme in the financial services sector . This is a hands-on, strategic role that involves shaping cloud security architecture, influencing senior stakeholders, and … helping build secure, resilient systems in one of the most tightly regulated industries in the world. Why This Role is Unique Step into a mission-critical role influencing the security posture of a major financial player. Collaborate on high-scale, multi-cloud projects using cutting-edge technologies (AWS, Azure, GCP). Be part of a forward-thinking environment focused More ❯

About the role: Join Our Team at Holland & Barrett! Are you passionate about cloud security and looking to make a significant impact? Holland & Barrett is seeking a Cloud Security Specialist to help us define and implement our cloud security strategy. If you're an experienced professional eager to work with cutting-edge technology and collaborate with diverse … teams, we want to hear from you! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett cloud security strategy, partnering with platform and Site Reliability Engineering (SRE) teams to build robust infrastructure that supports our business. Perimeter Security: Establish platform perimeter security by implementing controls at ingress and egress points, including creating and maintaining … an edge network with a Web Application Firewall (WAF), Distributed Denial of Service (DDoS) protection, and a Content Delivery Network (CDN). Access Control: Establish an access control baseline focusing on the principle of least privilege and segregation of duties. Monitor and enforce these controls once roles and permissions are set. Security Controls: Design, implement, and maintain security More ❯

Our team of hundreds of skilled experts keep Formula 1 moving. We re on the lookout for a Security Engineer. Reporting to the Cyber Security Manager, the main purpose of this role is to support the development and management of security technologies across F1 s growing technology landscape. Main Duties & Responsibilities: Assess and maintain high standards of … security maturity across Formula 1 s cloud infrastructure Focus on new and existing infrastructure, managing technical vulnerabilities, support continued system maintenance, and minimise technical debt Ensure visibility and reporting of Cloud infrastructure against Formula 1 s compliance and security standards (such as ISO 27001 and CIS) Main duties to be carried out include, but not limited to: Vulnerability … Management and reporting across Formula 1 s cloud environment(s), including: Development of requirements, design, and implementation of cloud security tools (E.g. compliance and host security) A key focus on threat detection and risks across cloud environments Identification, remediation, and reporting of security vulnerabilities Reporting on compliance to F1 s security standards Support in the delivery More ❯

My growing defence client is seeking a Security Engineer. You'll join a leading organisation that develops cutting edge products and technology. Role Purpose You'll own the security posture across our client's product portfolio-encompassing software, hardware, and services-by embedding robust security controls throughout the development lifecycle, identifying and mitigating risks, and ensuring compliance … with defence-grade standards. Key Responsibilities Risk Assessments & Vulnerability Management Conduct comprehensive security risk assessments at each product phase (design, implementation, deployment). Identify vulnerabilities in architectures, codebases, and configurations; drive remediation with development and operations teams. Secure Development Practices Partner with software and hardware engineers to integrate secure coding and design principles (e.g., threat modelling, secure-by-design … . Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management Plans). Testing More ❯

I am hiring a Cyber Security Engineer on behalf of a software development company specializing in high-end digital solutions for industrial and healthcare sectors. Known for its agile methodologies and collaborative work culture, they emphasize innovation, quality, and client-centric development. As a Cyber Security Engineer, you ll contribute to securing complex software systems, ensuring robust data … risk and threat analyses, as well as penetration tests to uncover vulnerabilities Supporting internal and client teams with best practices for secure system and process development Facilitating workshops and security training sessions across interdisciplinary teams Clearly communicating security implications with developers, product owners, and stakeholders This role is remote in Germany with occasional travel to client site Essential … Professional experience in a similar role such as Security Engineer, Penetration Tester, DevSecOps etc. Knowledge of the following areas: Penetration Testing, Threat Modelling, Application Security, Security by Design etc. Solid understanding of software development and system architecture basics Strong communication and interpersonal skills Self-driven, solution-oriented approach to identifying and resolving issues German language skills More ❯

and software management, anchored in a continuous innovation culture. What you'll be doing: As a DevOps Engineer at Ripjar you will be responsible for ensuring the reliability and security of the infrastructure that underpins our development and operational services. You will play an active role in supporting and continuously improving our core infrastructure offering, providing a solid foundation … and applications hosted on Linux-based systems. Design, deploy and maintain IP networks. Create robust automated solutions to allow development teams to self-serve routine infrastructure requests. Improve code security by integrating security testing tools into build and deployment pipelines. Implement effective monitoring of the reliability and security of applications and infrastructure services. The successful candidate should … administering IP networking in a corporate environment. Experience of automating tasks using languages and tools such as Bash, Python, JavaScript, and GitHub Actions. Knowledge of how to effectively use security testing and monitoring tooling, e.g. SAST and SIEM products. Candidates with the following background will be of particular interest: Experience contributing to incident response across a complex microservice-based More ❯