1 to 25 of 70 Secure Coding Jobs in London

implement secure software development practices Integrate security gates into CI/CD pipelines following DevSecOps principles Establish security quality gates and acceptance criteria Develop secure coding standards based on OWASP guidelines Create security architecture patterns and reference implementations Security Code Reviews & Testing Conduct in-depth security code reviews for critical features Implement automated security testing … security linters and pre-commit hooks Create automated vulnerability tracking and remediation workflows Implement secret scanning and dependency checking Build security dashboards and metrics reporting Create secure coding guidelines for different technology stacks Develop a security champions program aligned with OWASP SAMM Conduct security training on platform-specific vulnerabilities Provide hands-on guidance during security incidents Build … years of application security experience Deep understanding of security vulnerabilities across web and mobile platforms Hands-on experience with security testing tools and methodologies Expertise in secure coding practices and design patterns Experience with modern development frameworks (React, Angular, ReactNative, Flutter) Security Domain Knowledge Expert knowledge of OWASP standards (Top 10, ASVS, SAMM, MASVS) Understanding of cryptographic More ❯

proactive Application Security Engineer to embed secure development practices across its software delivery lifecycle. This role is critical in reducing application-layer risks, implementing secure coding standards, and ensuring that threat modelling and architecture reviews are consistently applied across all development efforts. You will work closely with engineering, and platform teams to integrate security into … ISO 27001, FCA, and NIST standards. Contribute to audit readiness and support compliance automation platforms such as Drata Collaboration & Training Work with engineering teams to promote secure coding practices. Support the rollout of role-based security training and awareness initiatives. Act as a security champion within development squads and mentor junior engineers. Requirements Broad experience in application … security or secure software development. Strong understanding of OWASP Top 10, secure coding techniques, and threat modelling. Experience with security tools such as SAST, DAST, SCA, and vulnerability scanners. Familiarity with cloud platforms (Azure or AWS), CI/CD pipelines, and DevOps practices. Knowledge of regulatory frameworks (ISO 27001, FCA, NIST). Excellent communication skills More ❯

editorial standards, but also on the security, reliability and resilience of the systems behind every stream, story and service. In Engineering Enablement , we're the team that makes secure, high-velocity delivery possible. We build shared cloud platforms, developer tooling and guardrails that let hundreds of product teams ship confidently and sustainably. We're hiring a Principal Software … across the BBC. You'll work hands-on with engineering teams, applying InfoSec-led policies and architecture in delivery contexts. You'll support threat modelling, promote secure coding practices, and help scale Secure SDLC across the organisation - without reinventing governance or duplicating policy. It's a high-trust role with real impact: translating strategic security … security policy and architectural guidance. Promote secure SDLC practices across engineering teams, collaborating with InfoSec on shared tooling, templates and enablement. Help teams adopt secure coding standards and integrate automated security checks (SAST, DAST, dependency scanning) into CI/CD pipelines. Participate in threat modelling using InfoSec-led methodologies and coordinate validation and review workflows. More ❯

websites to meet the highest security standards. Your expertise will help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our … well-considered recommendations to management. Development of Security Standards: Develop and maintain best practices and security standards for the organisation, guiding teams in the implementation of secure coding practices. Secure Design: Collaborate with development teams to ensure that web and mobile front-ends, as well as microservice architectures, are designed with robust security measures in … or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ), Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2), Working knowledge of More ❯

In this key role, you will be a key contributor to Funding Circle's cloud and application security posture. You will leverage your deep expertise in AWS security, secure software development lifecycle (SSDLC) practices, and CI/CD security to implement and champion robust security solutions. You will act as a subject matter expert and mentor, collaborating closely … as fast, hassle free processes to deliver an unbeatable customer experience. The role Define, champion, and embed secure software development lifecycle (SSDLC) practices and secure coding standards across engineering teams through collaboration, training, and tooling. Architect, build, and maintain automated security controls, tooling, and "security rails" within CI/CD pipelines to ensure secure … CI, Jenkins, GitHub Actions). Strong track record of defining, implementing, measuring, and supporting the adoption of secure software development lifecycle (SSDLC) practices and secure coding standards within engineering organizations. Strong understanding of web application security vulnerabilities (OWASP Top 10 and beyond), attack vectors, and mitigation techniques. Significant experience securing Infrastructure as Code (IaC) , particularly More ❯

our products. You will play a important role in safeguarding all digital channels that collectively generate billions of pounds in annual ticket sales, ensuring that our systems stay secure, resilient, and innovative in the face of evolving threats. As a Senior Product Security Engineer at Trainline, you will be responsible for Security in the Development Lifecycle : Drive the … are mitigated effectively and implement permanent fixes to prevent reoccurrence. Training and Security Advocacy : Develop and deliver training programs to enhance the organisation's understanding of secure coding and deployment practices. Serve as a security mentor and advocate, fostering a culture of security awareness across engineering and business teams. Compliance and Standards : Ensure product security practices align … risks in application designs, code, and deployed products. Experience managing and using security testing tools such as SAST, DAST, and vulnerability scanning solutions. Strong grasp of secure coding practices and proficiency in integrating security into the Software Development Lifecycle (SDLC). Technical Knowledge and Implementation experience: Direct experience with threat modelling, security reviews, and penetration testing. Proven More ❯

WTW. This is a global function, supporting all WTW colleagues. An experienced candidate will be responsible for bringing technical Cybersecurity training skills, such as DevSecOps, Network, Cloud and Secure Code training, to the EAC team - helping to expand and elevate our Cybersecurity culture. The candidate will be a part of a mission-driven team, focused on continuous learning … via E-learning modules, to WTW's technology community Creating and managing educational events such as tournaments and hackathons to facilitate learning and adopt new techniques in a secure way Creating a community environment to facilitate the sharing of threat landscapes, TTPs, and other intelligence Delivering a global Cybersecurity cultural awareness uplift to colleagues across the technology community … the Education, Awareness and Communication team to ensure deliverables are met The Requirements: Skills: Experience in creating and delivering technical Cybersecurity training such as DevSecOps and Secure Coding Strong understanding of Security principles and technologies; Network security, Information Security, Firewalls, Endpoint Detection, Cloud security Strong understanding of secure coding practices such as OWASP top More ❯

career-advancing resources here to help you develop into a better-rounded professional. BASIC QUALIFICATIONS - 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience - Knowledge of commonly found software security vulnerabilities (like OWASP top 10) and remediation techniques - 2+ years … or similar: Python, Ruby, Go, Swift, Java, .Net, C++. PREFERRED QUALIFICATIONS - Experience with AWS products and services - Experience with any combination of the following: threat modelling, secure coding, identity management and authentication, software development, cryptography, system administration and network security - Experience with Security Engineering (building tools) and Assurance methodologies e.g. fuzzing, static and dynamic code analysis Amazon More ❯

Protect Granola's technology and users by building secure systems and fostering security culture We're looking for a security engineer who is passionate about application security to help us protect our users and build trust as we scale. In this role, you will be responsible for identifying and mitigating security vulnerabilities within Granola's applications, building security … to identify vulnerabilities in our applications Design and implement security tools, frameworks, and methodologies to protect against security threats Work closely with development teams to ensure secure coding practices are integrated throughout the SDLC Perform threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies Track, analyze, and manage vulnerabilities in applications, providing … threats, vulnerabilities, and technologies to enhance our security posture Your background looks something like: Extensive experience in application security, cybersecurity, or related fields Strong understanding of secure coding practices, threat modeling, risk assessments, and incident response Proficiency in programming languages such as TypeScript, Python, or similar Experience with security tools, security protocols, encryption methods, and application security More ❯

UK SC clearance Are you ready to lead a high-impact security development and testing function? We’re looking for a Security Development and Test Director to oversee secure software development lifecycle, DevSecOps integration, and security testing at scale within a fast-growing security team. This is a unique opportunity to drive operational excellence and shape secure … Drive secure architecture standards and embed security controls into DevOps pipelines Oversee implementation and optimisation of security tooling (SAST, DAST, SCA, container security) Champion secure coding, threat modelling, and DevSecOps maturity improvements Manage budgets, profitability, and resource utilisation for your function Mentor and develop high-performing engineering and testing teams Key Responsibilities Support sales with … technical expertise and solution design Own service delivery quality and client satisfaction Define and enforce secure architecture and coding standards Lead DevSecOps integration with automated security testing in CI/CD Drive continuous process improvements and automation adoption Monitor and report on KPIs like vulnerability remediation, tool adoption, and training uptake Collaborate cross-functionally with architects, engineers More ❯

UK SC clearance Are you ready to lead a high-impact security development and testing function? We’re looking for a Security Development and Test Director to oversee secure software development lifecycle, DevSecOps integration, and security testing at scale within a fast-growing security team. This is a unique opportunity to drive operational excellence and shape secure … Drive secure architecture standards and embed security controls into DevOps pipelines Oversee implementation and optimisation of security tooling (SAST, DAST, SCA, container security) Champion secure coding, threat modelling, and DevSecOps maturity improvements Manage budgets, profitability, and resource utilisation for your function Mentor and develop high-performing engineering and testing teams Key Responsibilities Support sales with … technical expertise and solution design Own service delivery quality and client satisfaction Define and enforce secure architecture and coding standards Lead DevSecOps integration with automated security testing in CI/CD Drive continuous process improvements and automation adoption Monitor and report on KPIs like vulnerability remediation, tool adoption, and training uptake Collaborate cross-functionally with architects, engineers More ❯

sustained, aggressive growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008. We're seeking a Product Security Engineer to support secure development across our engineering teams. In this hands-on role, you'll help identify and mitigate product risks by participating in security reviews, improving tooling, and supporting vulnerability remediation. … a global team in a dynamic, fast-paced environment. Collaboration across time zones and geographies is a key part of our culture and success. How will you contribute? Secure SDLC Integration: Embed security within the software development lifecycle, ensuring security is considered at every phase-from design to deployment. Threat Modeling & Security Design Reviews: Conduct structured threat modeling … will you bring? 7+ years of experience in Product Security, Application Security, or a related security engineering role. Deep expertise in secure software development, secure coding practices, and OWASP Top 10/CWE 25. Strong technical proficiency in modern programming languages (e.g., Python, Java, JavaScript, Go, or C#). Experience with cloud-native security (AWS More ❯

or Cambridge Salary: £70,000 - £120,000 (depending on experience and clearance) We are looking for a Full Stack Developer to join a growing public sector team delivering secure, high-impact digital services across Defence & Security. This is a unique opportunity to use your development expertise to help solve real-world challenges for government and national security clients. … collaborative and supportive engineering team, working alongside technical leads, project managers, and stakeholders to deliver robust and scalable solutions. What you'll be doing: Designing, developing and deploying secure, high-performing web applications for government clients Working across the full software development lifecycle, from requirements through to production Building responsive user … interfaces using modern front-end technologies Developing scalable server-side functionality with appropriate frameworks and languages Creating and maintaining RESTful APIs for integration across platforms Following secure coding practices and supporting compliance with government security standards Conducting security reviews and supporting remediation of vulnerabilities Translating technical requirements into delivery plans and code Communicating effectively with both technical More ❯

or Cambridge Salary: £70,000 - £120,000 (depending on experience and clearance) We are looking for a Full Stack Developer to join a growing public sector team delivering secure, high-impact digital services across Defence & Security. This is a unique opportunity to use your development expertise to help solve real-world challenges for government and national security clients. … collaborative and supportive engineering team, working alongside technical leads, project managers, and stakeholders to deliver robust and scalable solutions. What you'll be doing: Designing, developing and deploying secure, high-performing web applications for government clients Working across the full software development lifecycle, from requirements through to production Building responsive user … interfaces using modern front-end technologies Developing scalable server-side functionality with appropriate frameworks and languages Creating and maintaining RESTful APIs for integration across platforms Following secure coding practices and supporting compliance with government security standards Conducting security reviews and supporting remediation of vulnerabilities Translating technical requirements into delivery plans and code Communicating effectively with both technical More ❯

integrating security tools and processes into our CI/CD workflows to enhance the developer experience Champion a security-first mindset within the development team, promoting secure coding practices and providing guidance on secure development methodologies Create security focused DevSecOps policies and standards and provide training and awareness to the development team Develop Key Risk More ❯

execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and … Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to development teams on secure software production practices and flaw mitigation … strategies. Key Requirements: Essential: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Proficiency in programming languages such as More ❯

a Lead Software Security Engineer to take our product security program to the next level. This is a high-impact, hands-on role where you'll guide the secure design and development of distributed systems, shape engineering and product roadmaps, and foster a security-first mindset across teams. WHAT YOU'LL DO Be a Security Champion Be a … trusted advisor and advocate for security across the development lifecycle, influencing architecture, design and implementation decisions. Embed secure development practices into day-to-day workflows across engineering teams. Own the vulnerability management lifecycle: from discovery and triage to remediation tracking and coordinated disclosure. Build Secure Products by Design Conduct threat models, security architecture reviews and risk … strong understanding of security principles and engineering realities. Must-Have Experience Proven experience in application and product security, including secure design, threat modeling and secure coding practices. Strong knowledge of security issues in modern software stacks, such as Java, distributed systems, microservices, containers, etc. Experience integrating security tools into development pipelines (eg. static/dynamic More ❯

execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and … Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to development teams on secure software production practices and flaw … mitigation strategies. Key Requirements: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Familiarity with Agile methodologies like SCRUM More ❯

to design, build, and implement new capabilities that enhance our service offerings. What You'll be doing as a Senior Software Engineer Design and develop robust, scalable, and secure applications using Python Leverage existing cloud-based technology to build and deploy applications that meet the needs of the card issuing market. Collaborate with Product Managers, UX/UI … promoting best practices in software development. Troubleshoot, debug, and upgrade existing systems, ensuring high performance and responsiveness to requests. Participate in code reviews, contributing to the maintenance of high coding standards and improving the overall quality of the codebase. What you'll bring to the Senior Software Engineer position Proven experience with cloud-based technology, and services, preferably within … AWS. Expertise in both Frontend and Backend software solution development Experience with Agile development methodologies and SecDevOps practices. Excellent knowledge of secure coding practices inline. Strong knowledge of databases, SQL, and NoSQL, as well as data structures and algorithms. Excellent problem-solving skills and the ability to work in a fast-paced, evolving environment. Strong communication and More ❯

and executing Orgvue's security engineering strategy across our entire application development and cloud-hosting estate. Partnering closely with Information Security, Engineering, and Product teams, you will embed secure-by-design principles throughout the software-development lifecycle (SDLC), champion modern DevSecOps practices, and ensure that security is a first-class citizen in everything we build and operate. This … continuously refine the technical security roadmap that aligns with business objectives, industry best practice (e.g., NIST CSF, OWASP SAMM), and compliance frameworks (SOC 2, ISO 27001, GDPR). Secure SDLC & DevSecOps - Build and maintain guardrails for static/dynamic analysis, container and IaC scanning, SBOM management, and supply-chain security; automate enforcement through CI/CD pipelines. Cloud … intelligence sharing, incident response, and compliance initiatives, ensuring organisation-wide alignment. Engineering Partnership & Enablement - Work hand-in-hand with engineering squads to raise security awareness, improve secure coding practices, and foster a culture of shared security ownership. Architecture Alignment - Partner closely with Orgvue's Principal Architect to ensure security patterns, controls, and roadmaps align with overall system More ❯

the London office We are seeking an experienced Cloud Security Engineer with a strong emphasis on AWS. The successful candidate will be responsible for designing, implementing, and maintaining secure cloud infrastructure, ensuring a robust security posture and supporting continuous delivery of our applications. Key Responsibilities: Design and implement secure AWS cloud infrastructure, focusing on system architecture … to drive cloud security initiatives and align with the broader security strategy. Enhance and secure CI/CD pipelines across multiple applications by embedding secure coding and DevSecOps best practices. Develop automation tools and scripts to streamline security processes, monitor key security metrics, and support operational demands. Stay up to date with emerging threats, industry … is advantageous. Solid understanding of networking, systems engineering, and cybersecurity within cloud environments. Hands-on experience with Infrastructure as Code (IaC) tools such as Terraform and Ansible for secure provisioning and management. Excellent problem-solving capabilities and strong verbal and written communication skills. Practical experience using Wiz or similar cloud security posture management tools. More ❯

the London office We are seeking an experienced Cloud Security Engineer with a strong emphasis on AWS. The successful candidate will be responsible for designing, implementing, and maintaining secure cloud infrastructure, ensuring a robust security posture and supporting continuous delivery of our applications. Key Responsibilities: Design and implement secure AWS cloud infrastructure, focusing on system architecture … to drive cloud security initiatives and align with the broader security strategy. Enhance and secure CI/CD pipelines across multiple applications by embedding secure coding and DevSecOps best practices. Develop automation tools and scripts to streamline security processes, monitor key security metrics, and support operational demands. Stay up to date with emerging threats, industry … is advantageous. Solid understanding of networking, systems engineering, and cybersecurity within cloud environments. Hands-on experience with Infrastructure as Code (IaC) tools such as Terraform and Ansible for secure provisioning and management. Excellent problem-solving capabilities and strong verbal and written communication skills. Practical experience using Wiz or similar cloud security posture management tools. More ❯

our growing company - you'll play a key technical leadership role, working closely with architects, product managers, and cross-functional teams to design and implement scalable, reliable, and secure backend systems. Please note: This position requires you to work on client-site in central London three times a week. What does the role involve? Lead technical deep dives … Start influencing product and business decisions Hands-on Software Development: Write high-quality Java code using frameworks such as Spring Boot or Micronaut. Build robust services that support secure, high-volume payment transactions. Develop integrations with acquiring banks, payment gateways, and fraud detection tools. Cloud & DevOps Practices: Build and support cloud-native systems on the cloud (preferably Azure …/CD pipelines using GitHub Actions and ensure smooth delivery to production. Own monitoring, alerting, and observability, using tools like OpenTelemetry and Dynatrace. Security & Compliance: Champion secure coding practices and data protection across services. Collaboration & Mentoring: Work closely with product owners, engineering leads, and other stakeholders to shape technical solutions. Mentor and support more junior/mid More ❯

to present findings to a wide audience will be crucial to make this role a success. We want to know who the leading companies are and how they secure their pipeline so we are very much open to ideas! Within 3-4 months we'd like a full assessment documented and a plan put into place that you … DevOps pipelines. This role requires a deep understanding of development, security, and operations, with a strong emphasis on automation, continuous integration/continuous deployment (CI/CD), and secure software development lifecycle (SDLC) practices. Advise and offer guidance on: * Design, implement, and maintaining secure CI/CD pipelines. … Integrate security tools and practices into DevOps workflows (e.g., SAST, DAST, SCA, secrets management).* Collaborate with development, operations, and security teams to implement and ensure secure coding and deployment practices.* Advise on threat modeling, risk assessments, and vulnerability management.* Provide expert guidance on cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes).* Develop and More ❯

of industry technology trends and innovations and actively contribute to the organization's technology communities to foster a culture of technical excellence and growth. Adherence to secure coding practices to mitigate vulnerabilities, protect sensitive data, and ensure secure software solutions. Implementation of effective unit testing practices to ensure proper code design, readability, and reliability. Assistant More ❯