DevSecOps / Application Security Engineer (United Kingdom)

Senior DevSecOps / Application Security Engineer

Location: Remote – UK or EMEA based

6 months+ Contract

Niche SaaS Tech company are seeking a Senior DevSecOps / Application Security Engineer to champion and drive their DevSecOps initiatives—shaping secure software delivery across a fast-moving, cloud-native environment. In this role, you’ll own and evolve the security tooling and automation embedded in their SDLC and CI/CD pipelines, working closely with software engineers, DevOps, and data scientists. You'll help ensure security is not a final step—but an integral, continuous part of how they build and ship software.

You will:

• Embed and automate security controls across CI/CD workflows
• Lead the integration of SAST, DAST, SCA, and threat modeling tools in DevSecOps pipelines
• Collaborate with developers to enable secure coding and privacy by design
• Drive adoption of secure development standards and practices across the org
• Operate and evolve our software vulnerability management and bug bounty programs
• Work cross-functionally to identify risks and improve security posture continuously
• Support cloud-native app and ML security efforts across Azure and AWS
• Own AppSec policies, incident response processes, and related KPIs/KRIs

Key Skills Required:

• 5+ years in AppSec or DevSecOps, with strong experience in secure SDLC and CI/CD
• Hands-on knowledge of security tools like GitHub Advanced Security, Veracode, Snyk, ZAP, Burp
• Familiarity with OWASP, MITRE, CWE, and modern dev frameworks (C#, Java, Python, React)
• Knowledge of scripting languages (Python, Ruby, Rust)
• Excellent communication skills to bridge tech and business stakeholders
• Passion for building scalable security solutions that enable teams, not slow them down