1 to 25 of 65 Application Security Jobs in the UK excluding London

to join their existing & high performing large scale In - House Security Team including SOC & Cyber Analysts through to Experienced Cyber Security Engineers & Security Architects. As an AppSec Engineer you will focus on the technical side of IT Security, specifically looking at Application Security & Code Analysis, ensuring their Applications are Built Securely. The Information & Cyber … working closely with the Software Development Team , to confirm that Application Based Vulnerabilities are Understood & Mitigated meaning that Code Reading Skills are also desirable. Skills & Experience of the AppSec Engineer role: Hands-On Experience with Security Assessment Tools & Techniques including Penetration Testing & Code Review. Use of Planned, Structured Methodologies for Conducting & Reporting on Web Application Penetration Testing. … Department to ensure Security is considered throughout SDLC. Identifying any Security Issues within the Businesss Software and Manage through Liaising with External Stakeholders as & when necessary. Searches: AppSec/Application Security/SDLC/Software Application Security/Application Security Engineer/Cyber Security Engineer/Software Application Security More ❯

Application Security Engineer Salary: Up to £90,000 + Discressionary Bonus (Depending on experience) Hybrid Working - 3 day on-site (Bristol or Edinburgh) Spencer rose are currently hiring for an Application Security Engineer with one of their key clients with offices based in Edinbrugh or Bristol depending on your location, on a permanent basis. This is … a technical role so within this role the Application Security Engineer will be responsible for integrating security within development and providing application security testing. The Application Security Engineer will have the following responsibilities: Taking ownership of technical security aspects for application development Leading application security testing of components and … services through the Development Lifecycle Provide clear security input on solution design, ensuring principles and best practices are applied at software and platform levels. Support architects with security input and offer expert guidance in governance forums. The Application Security Engineer will need the following skills/experience: Must have at least 3+ years experience within Application More ❯

Application Security Engineer Salary: Up to £90,000 + Discressionary Bonus (Depending on experience) Hybrid Working - 3 day on-site (Bristol or Edinburgh) Spencer rose are currently hiring for an Application Security Engineer with one of their key clients with offices based in Edinbrugh or Bristol depending on your location, on a permanent basis. This is … a technical role so within this role the Application Security Engineer will be responsible for integrating security within development and providing application security testing. The Application Security Engineer will have the following responsibilities: Taking ownership of technical security aspects for application development Leading application security testing of components and … services through the Development Lifecycle Provide clear security input on solution design, ensuring principles and best practices are applied at software and platform levels. Support architects with security input and offer expert guidance in governance forums. The Application Security Engineer will need the following skills/experience: Must have at least 3+ years experience within Application More ❯

Application Security Engineer Bristol - 3 days a week on site £90,000 + great benefits An impressive financial services business is looking to hire an Application Security Engineer to support this team with the risk and remediation activities. This business is going through a big technology transformation programme that is estimated to take 3 -5 years. … The successful Application Security Engineer will be part of this journey and have great technical exposure and the ability to rapidly progress. Working closely in one of transformation projects, the successful Application Security Engineer will work closely with the wider security and technology teams to define the strategy and roadmap of technology changes moving forward. … Application Security Engineer Duties and Responsibilities The successful Application Security Engineer will: Provide security input into solution design to ensure that security principles are incorporated at both the platform and software level Automate tooling to run security fixes over a variety of repo's Ensure that security requirement input is provided across More ❯

Application Security Engineer Bristol or Edinburgh - minimum of 3 days per week on site. £90,000 + great benefits An impressive financial services business is looking to hire an Application Security Engineer to support this team with the risk and remediation activities. This business is going through a big technology transformation programme that is estimated to … take 3 -5 years. The successful Application Security Engineer will be part of this journey and have great technical exposure and the ability to rapidly progress. Working closely in one of transformation projects, the successful Application Security Engineer will work closely with the wider security and technology teams to define the strategy and roadmap of … technology changes moving forward. Application Security Engineer Duties and Responsibilities The successful Application Security Engineer will: Provide security input into solution design to ensure that security principles are incorporated at both the platform and software level Automate tooling to run security fixes over a variety of repo's Ensure that security requirement More ❯

We are looking for an experienced Application security specialist to join our Cyber team with a hyper focus on supporting our application security architecture and risk management programme. You will help us build out a world class capability to align with our key stakeholders in the Games teams to provide a clear plan, review and support … lifecycle and overall risk remediation. This is a hybrid role : Location: Cambridge, UK with travel to the office once per week. What you'll be doing: Provide guidance on security best practices and compliance and undertake security testing Identify Application security risks and requirements for new projects and system developments Represent cyber in review sprints on … application security prior to live implementation Collaborate with the architecture and development teams to review the design and code for security vulnerabilities Establish a threat modelling capability and evangelise secure coding in the development lifecycle Provide technical specialist advice to ensure that security standards are understood and can be complied with Develop security testing plans More ❯

Application Security Specialist (DevOps) Hybrid – Cambridge, UK (1 day a week in office) We’re looking for an experienced Application Security Specialist to join a growing cyber security team and play a key role in shaping a world-class application security programme. This role will give you the chance to work closely with … engineering and development teams, embedding security into the development lifecycle, driving automation, and influencing remediation plans that have real impact. What you’ll be doing Guiding teams on security best practices, compliance, and secure coding. Collaborating with architects and developers to review designs and code for vulnerabilities. Embedding/improving threat modelling and secure development practices into the … SDLC. Designing and integrating security testing plans. Performing and overseeing application security testing and driving remediation. Managing end-to-end vulnerability workflows, including bug bounty findings. Supporting incident response activities when needed. Monitoring and reporting on application security metrics, KPIs, and emerging threats. Automating processes for vulnerability detection and integrating tools into the pipeline. Note More ❯

heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If you are passionate about cybersecurity … and eager to make a real impact, we want you on our team! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle … software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to More ❯

The Head of Application and Product Security is a strategic leadership role responsible for safeguarding the application landscape and digital products within HL. This pivotal position ensures that security is embedded throughout the software development lifecycle and product innovation pipeline, providing assurance to clients, regulators, and stakeholders during a period of significant digital transformation and on … an ongoing basis. The role will champion secure-by-default/design principles, drive security best practices, and lead a high-performing team in the context of ambitious cloud adoption, agile delivery, and regulatory evolution. The role balances strategic vision with operational oversight, ensuring security resilience and enabling the firm's growth aspirations. What you'll be doing … Provide strategic leadership, direction and vision for all aspects of application and product security across the firm's digital portfolio, products and services. Establish, communicate, and maintain security policies, standards, and practices for code, applications, APIs, customer platforms, and digital products. Embed security by design, threat modelling, and secure coding practices across agile and DevOps teams More ❯

Application Security Engineer I'm partnering with a purpose-led organisation that exists to improve the lives of others to find an Application Security Engineer to join their Cyber Security function and take ownership of product security across a diverse digital estate. This is ideal for someone with a strong technical background in secure … software development or offensive security testing. You'll be joining at a key point in their transformation journey, with the freedom to shape how application security is delivered. They're looking for someone who's hands-on, passionate about protecting customer data, and confident embedding security practices directly into engineering teams. They're specifically interested in … candidates who have experience: Familiarity with software such as JAVA Applying the Secure Software Development Lifecycle (SSDLC) Freedom and support for application security function Driving cyber maturity uplift across multiple products Communicating technical risks to non-technical stakeholders Details: Location: Bristol or Edinburgh Salary: up to £80,000-£90,000 Benefits: Generous benefits package! If this sounds like More ❯

Senior Application Security Engineer | Permanent | UK (Hybrid - a few times per month) | £84k We're working with a forward-thinking professional services firm on a key hire to embed security into every part of their digital product journey. They're looking for a Senior Application Security Engineer to drive secure-by-design principles across new … and evolving applications and act as a Subject Matter Expert for software security across the business. This is a high-impact role in a collaborative, ambitious, and people-focused IT team. You'll play a hands-on role, shaping security culture, guiding engineering teams, and ensuring that security is integrated into every stage of the software development … lifecycle. What you'll be doing: Leading the cultural shift towards secure software development across product teams Defining and implementing the software security strategy in line with business goals Collaborating with developers to automate security testing and embed security requirements into the SDLC Supporting penetration testing, vulnerability management, and remediation efforts Acting as a software security More ❯

team. Working closely with the Cyber team as well as the digital team to ensure cybersecurity is embedded across all digital platforms. Key skills & Responsibility Lead the integration of security into the software development lifecycle (SDLC) using DevSecOps principles. Define and implement release strategies with a strong emphasis on application security. Identify and remediate security vulnerabilities through … and automated tooling. Collaborate with cross-functional teams to establish secure coding standards and quality benchmarks. Provide expert consultancy and guidance to engineering teams, enabling them to meet strategic security goals. Drive adoption of security best practices across CI/CD pipelines and cloud-native environments. Accountabilities Provide technical cyber leadership across all development teams, focusing on application security for our various digital platforms (web and mobile). Secure our CI/CD pipelines and provide improvement plans and requirements to those that use them, while overseeing the consistent adoption of secure practices across teams. Support the vulnerability management process, raising awareness and embedding secure development principles with development teams. Evaluate, implement, support and communicate new More ❯

us and be at the forefront of the green revolution, where every line of code contributes to a cleaner, brighter future. Key Responsibilities: Develop and maintain the enterprise cyber security architecture for the Group including development of enterprise architecture standards and patterns that address the requirements of both IT and OT that aligns with industry standards, regulatory requirements and … best practice in support of high risk and critical programmes and projects. Lead IT security risk position and lead consulting and assurance engagement into Group IT products and services. This includes overseeing the IT security risk position and mitigation planning. Management and challenge of security assurance to critical IT security projects and programmes. Lead SSE's … Secure by Design approach and provide technical expertise and support for the development and implementation of cyber security policies and architecture standards and patterns. Define and manage a security tooling roadmap to ensure the implementation of effective security controls and technologies and regularly update cyber security technical strategies including emerging innovation and technological advancements. Establish and More ❯

us and be at the forefront of the green revolution, where every line of code contributes to a cleaner, brighter future. Key Responsibilities: * Develop and maintain the enterprise cyber security architecture for the Group including development of enterprise architecture standards and patterns that address the requirements of both IT and OT that aligns with industry standards, regulatory requirements and … best practice in support of high risk and critical programmes and projects. * Lead IT security risk position and lead consulting and assurance engagement into Group IT products and services. This includes overseeing the IT security risk position and mitigation planning. Management and challenge of security assurance to critical IT security projects and programmes. * Lead SSE's … Secure by Design approach and provide technical expertise and support for the development and implementation of cyber security policies and architecture standards and patterns. * Define and manage a security tooling roadmap to ensure the implementation of effective security controls and technologies and regularly update cyber security technical strategies including emerging innovation and technological advancements. * Establish and More ❯

Our client, a leading global organization, is partnering with a prestigious end client based in Reading. Were excited to offer an outstanding opportunity for askilled Financial Services Security Architect to join a dynamic IT team . If you are interested and have the relevant skills and experience, please apply promptly to discuss further. Job Title: Financial Services Security Architect Location: Reading, UK (Hybrid 4 days onsite) Duration: 6 months Rate: £765 - 775 per day Inside IR35 We are seeking an exceptionally experienced Security Architect to join a high-profile programme within the financial services sector. This is a senior-level opportunity for a security leader with extensive experience designing and implementing enterprise-grade security architectures across complex, highly regulated environments. The role will focus heavily on cloud security, AI/ML security, regulatory compliance, and secure-by-design frameworks for critical systems. Why This Role? Shape and deliver the security architecture strategy for enterprise cloud and AI/ML programmes. Work on cutting-edge initiatives in the financial services domain More ❯

and this is your opportunity to play a key role in embedding application security into products enjoyed by millions worldwide. If you're passionate about secure design, AppSec tooling, and enabling engineering teams to build secure software by default, this role offers real impact at scale. Whilst they continue to build out their security function, you'll … experience in application security or secure software development. Strong understanding of vulnerabilities and prevention techniques (OWASP Top 10). Experience with CI/CD pipelines and integrating AppSec tooling. Strong understanding of modern programming languages (JavaScript, Java, Python). Strong communication skills and ability to collaborate with technical and non-technical stakeholders. *Unfortunately, we are not able to … provide sponsorship for this role.* If you're ready to grow your career in a hands-on AppSec role and help shape secure software at scale, apply now or reach out directly to (url removed). Lawrence Harvey is acting as an Employment Business in regards to this position. Visit our website and follow us on Twitter for all live More ❯

Security Engineer Kent, Hybrid Competitive Salary VIQU have partnered with a leading automotive organisation in Kent to search for an experineced Security Engineer . This role is all about protecting and improving cloud and infrastructure environments, driving security automation, and helping shape DevSecOps practices. You’ll work across AWS and modern platforms, supporting both day-to-day … security operations and longer-term strategic projects. Key Responsibilities: Maintain strong security posture across cloud infrastructure Manage vulnerabilities and support regular system maintenance Design, implement, and manage security tooling in cloud environments ( AWS focus ) Support threat detection, incident response, and risk mitigation activities Contribute to compliance initiatives (ISO 27001, CIS benchmarks ) Collaborate with infrastructure and platform teams … to embed security controls Apply secure DevOps practices (code scanning, container security, IaC) Support governance, reporting, and vulnerability management processes Participate in security reviews, threat assessments, and architecture decisions Key Requirements: 3+ years’ hands-on experience with AWS security services (CloudTrail, GuardDuty, WAF, IAM, Security Hub) Strong knowledge of cloud governance and security best More ❯

Security Engineer Kent, Hybrid Competitive Salary VIQU have partnered with a leading automotive organisation in Kent to search for an experineced Security Engineer . This role is all about protecting and improving cloud and infrastructure environments, driving security automation, and helping shape DevSecOps practices. You’ll work across AWS and modern platforms, supporting both day-to-day … security operations and longer-term strategic projects. Key Responsibilities: Maintain strong security posture across cloud infrastructure Manage vulnerabilities and support regular system maintenance Design, implement, and manage security tooling in cloud environments ( AWS focus ) Support threat detection, incident response, and risk mitigation activities Contribute to compliance initiatives (ISO 27001, CIS benchmarks ) Collaborate with infrastructure and platform teams … to embed security controls Apply secure DevOps practices (code scanning, container security, IaC) Support governance, reporting, and vulnerability management processes Participate in security reviews, threat assessments, and architecture decisions Key Requirements: 3+ years’ hands-on experience with AWS security services (CloudTrail, GuardDuty, WAF, IAM, Security Hub) Strong knowledge of cloud governance and security best More ❯

Identification and crafting of complex custom WAF rules & features to mitigate MVP and security posture gaps Crafting efficacy testing for baseline & custom rules and features and integrating testing in the automation pipelines Providing SME support for other security testing such as WAF PoCs, new features and solutions with a potential cost saving if we use in-house resource … policies and rules tailored to specific applications and environments. Proactively assist with identifying false positives Collaborate with cross-functional teams to ensure seamless integration of WAF solutions into existing security infrastructure. Provide recommendations for WAF configuration based on best practices and security requirements. Perform regular assessments and audits of WAF configurations to ensure optimal security posture and … strong understanding of web application security principles. Proven track record of proactively identifying and mitigating false positives to optimize WAF performance. Background in SOC or CSIRT and AppSec or Ethical Hacking, demonstrating hands-on experience for the key responsibilities Proficiency in log analysis tools and techniques, with the ability to identify patterns and anomalies in web traffic Experience More ❯

Role: Senior Cyber Security Engineer (Cyber SME) Salary: Up to £70,000 Location: Reading/Birmingham - Hybrid (1 day/week in office) Be the Cyber Security Subject Matter Expert protecting the backbone of our business.Are you a highly skilled cyber security professional ready to take ownership of security engineering and infrastructure hardening? We're looking … for a Senior Cyber Security Engineer to join our team and act as the go-to expert for all things security.Reporting to the head of security, you'll play a critical role in protecting our infrastructure, networks, and data, while guiding teams across the business with your deep technical expertise. What You'll Do Serve as the Cyber … Security Subject Matter Expert, advising on secure systems design, change control, and implementation of robust security controls. Lead the technical vulnerability management programme, with a strong focus on application security, web application firewalls, and secure DevOps pipelines. Provide security leadership and mentoring , supporting colleagues and enhancing security awareness across the business. Actively contribute More ❯

My client, a Global organisation based in Newcastle city centre are seeking an experienced Head of Security and Platform Engineering to start ASAP. This pivotal role takes the lead in delivering breakthrough improvements in reliability and performance across technology platforms, ensuring our systems consistently exceed expectations. As the leading force behind our cyber security agenda, you will champion … a step change in modern security controls—introducing cutting-edge measures that protect the business. You will lead four core technology towers, and inspire teams to set bold targets, measure progress, and celebrate success as we raise the bar for platform resilience, scalability, and security. Key Responsibilities: Strategic Leadership & Governance Define and drive the vision, strategy, and roadmaps for … objectives and risk appetite. Oversee integration and collaboration across the four core platform towers: Digital Workspace Services (DWS) Support and System Reliability Engineering (SSRE) Platform and Cloud Engineering (PaCE) Security & Network Operations (SNOPs) Establish and socialise the Cyber Security Strategy and Roadmap, ensuring alignment with enterprise resilience and regulatory requirements Cyber Security Leadership Shape the cyber security More ❯

Security Architect £95,000 - £125,000 GBP Hybrid WORKING Location: Manchester, North West - United Kingdom Type: Permanent Role: Security Architect Salary: £95,000 - £120,000 per annum + Benefits Location: Open to UK-wide candidates (Remote/Hybrid options available) Overview We are hiring for a Security Architect with a strong consultancy background to lead the secure … services across a diverse range of digital transformation projects. This is a hands-on leadership role suited to someone who thrives in Agile environments and is passionate about embedding security throughout the software development lifecycle. Key Responsibilities Lead the secure design of cloud services and solutions in line with defined security strategies Identify and mitigate security risks … in existing system designs, balancing cost, risk, and usability Guide Agile delivery teams on secure development practices and tooling Educate internal teams and clients on security principles and standards Manage, mentor, and develop a small team of security professionals Provide technical direction and leadership across projects Essential Skills & Experience Proven expertise in secure cloud architecture and solution design More ❯

About the role: Join Our Team at Holland & Barrett! Are you passionate about cloud security and looking to make a significant impact? Holland & Barrett is seeking a Cloud Security Specialist to help us define and implement our cloud security strategy. If you're an experienced professional eager to work with cutting-edge technology and collaborate with diverse … teams, we want to hear from you! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett cloud security strategy, partnering with platform and Site Reliability Engineering (SRE) teams to build robust infrastructure that supports our business. Perimeter Security: Establish platform perimeter security by implementing controls at ingress and egress points, including creating and maintaining … an edge network with a Web Application Firewall (WAF), Distributed Denial of Service (DDoS) protection, and a Content Delivery Network (CDN). Access Control: Establish an access control baseline focusing on the principle of least privilege and segregation of duties. Monitor and enforce these controls once roles and permissions are set. Security Controls: Design, implement, and maintain security More ❯

Technical Azure Security Engineer - Audit Technology £60,000 - £70,000 GBP Hybrid WORKING Location: Central London, Greater London - United Kingdom Type: Permanent Location: London Salary: £70,000 Contract Type: Permanent, Full-Time Shape the future of audit through secure cloud engineering. Join a high-impact technology team delivering secure, scalable solutions for a leading audit platform. This is a … hands-on, delivery-focused role embedded within a cloud-native engineering group, with a dotted-line relationship to a central security architecture function to ensure alignment with governance and standards. Your Impact As a trusted security engineer, you will: Secure CI/CD pipelines and infrastructure-as-code (IaC) deployments across Azure. Lead container, API, and web application security initiatives, including code reviews. Support threat modelling, vulnerability management, and penetration testing activities. Drive logging integration with SIEM tools, enabling SOC monitoring and incident response. Coach engineering teams on cloud security principles and manage audit-related actions. What You'll Bring Essential Skills: Deep expertise in Azure security controls and cloud-native security practices. More ❯

DevSecOps Engineer | Permanent | UK (Hybrid - A few times per month) | £84k We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a DevSecOps/Lead Software Security Engineer … its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security left - bringing DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: Leading the cultural shift towards DevSecOps across multiple product teams Embedding … security requirements and tooling into the SDLC from the ground up Defining and implementing a product security strategy aligned with business goals Collaborating with developers to automate and streamline security testing Supporting pen test activity and guiding secure remediation efforts Serving as an internal SME on application and cloud security matters Keeping documentation, training, and More ❯