1 to 25 of 74 Permanent Application Security Jobs in London

identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team … in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role … you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data. Security Automation: Automate security processes and procedures to enhance efficiency and effectiveness, reducing the risk of human error. Security Requirements and Solutions: Identify, define, and document system security requirements, providing well-considered recommendations to management. Development of More ❯

Social network you want to login/join with: Head of Information Security, Europe, London col-narrow-left Client: Trayport Location: London, United Kingdom Job Category: Other - EU work permit required: Yes col-narrow-right Job Reference: d30f25536962 Job Views: 6 Posted: 14.07.2025 Expiry Date: 28.08.2025 col-wide Job Description: The Head of Information Security, Europe reports directly … to the Chief Information Security Officer, TMX Group and has a dotted line reporting relationship to the Chief Technology Officer, Trayport. The Head of Information Security will be responsible for defining, implementing, and managing the organization's information security strategy and framework for Europe. This critical role involves overseeing all aspects of information security, including a … strong focus on application security, ensuring compliance with ISO27001 standards, financial services regulations, and other relevant legal and contractual requirements. As a senior leader of the Enterprise Information Security team, the role will also be accountable to provide information security oversight, through leadership and guidance across the TMX Group. The successful candidate will be a strategic More ❯

Direct message the job poster from Trayport The Head of Information Security, Europe reports directly to the Chief Information Security Officer, TMX Group and has a dotted line reporting relationship to the Chief Technology Officer, Trayport. The Head of Information Security will be responsible for defining, implementing, and managing the organization's information security strategy and … framework for Europe. This critical role involves overseeing all aspects of information security, including a strong focus on application security, ensuring compliance with ISO27001 standards, financial services regulations, and other relevant legal and contractual requirements. As a senior leader of the Enterprise Information Security team, the role will also be accountable to provide information security oversight, through leadership and guidance across the TMX Group. The successful candidate will be a strategic leader with a strong technical background, including deep application security knowledge, and the ability to effectively communicate security risks and requirements across all levels of the business. Key Responsibilities Information Security Strategy and Governance: Develop, implement, and maintain a More ❯

Head of Information Security, Europe page is loaded Head of Information Security, Europe Apply locations London - 2 Gresham Street time type Full time posted on Posted 5 Days Ago job requisition id R-5246 The Head of Information Security, Europe reports directly to the Chief Information Security Officer, TMX Group and has a dotted line reporting … relationship to the Chief Technology Officer, Trayport. The Head of Information Security will be responsible for defining, implementing, and managing the organization's information security strategy and framework for Europe. This critical role involves overseeing all aspects of information security, including a strong focus on application security, ensuring compliance with ISO27001 standards, financial services regulations … and other relevant legal and contractual requirements. As a senior leader of the Enterprise Information Security team, the role will also be accountable to provide information security oversight, through leadership and guidance across the TMX Group. The successful candidate will be a strategic leader with a strong technical background, including deep application security knowledge, and the More ❯

Head of Information Security, Europe page is loaded Head of Information Security, Europe Apply locations London - 2 Gresham Street time type Full time posted on Posted 5 Days Ago job requisition id R-5246 The Head of Information Security, Europe reports directly to the Chief Information Security Officer, TMX Group and has a dotted line reporting … relationship to the Chief Technology Officer, Trayport. Head of Information Security, Europe page is loaded Head of Information Security, Europe Apply locations London - 2 Gresham Street time type Full time posted on Posted 5 Days Ago job requisition id R-5246 The Head of Information Security, Europe reports directly to the Chief Information Security Officer, TMX … Group and has a dotted line reporting relationship to the Chief Technology Officer, Trayport. The Head of Information Security will be responsible for defining, implementing, and managing the organization's information security strategy and framework for Europe. This critical role involves overseeing all aspects of information security, including a strong focus on application security, ensuring More ❯

executing advanced penetration tests and vulnerability assessments across a diverse portfolio of applications. This is a hands-on, technical role where you'll actively identify, exploit, and help remediate security weaknesses in web, mobile, and cloud-based applications. You'll be at the forefront of defending against cyber threats by implementing cutting-edge security tools, collaborating with development … teams to integrate security into the SDLC, and playing a critical role in protecting the organisation's digital assets. The successful candidate will play a hands-on role in testing the security of applications, networks, and systems, while ensuring that security standards are integrated into the development process. Key Responsibilities: Penetration Testing & Vulnerability Assessment: Conduct and oversee … exploits. Analyse and prioritise vulnerabilities based on risk and provide detailed technical reports with recommended remediation steps for developers and system administrators. Keep up to date with the latest security vulnerabilities, exploits, and attack methodologies to ensure effective penetration testing. Security Risk Management: Develop and manage the organisation's vulnerability management program, ensuring compliance with internal policies and More ❯

ability to keep our clients data secure is a bedrock for our reputation as a trustworthy professional services partner to many of the worlds large and prestigious organisations. Information security is not an afterthought; it is core to all that we do, to protect not only our data but that of our clients, and has the unwavering support of … the Board. Led by our new CISO, the in-house Information Security team is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with … you will do The Identity and Access Senior Architect will be part of the Digital Trust team, and will be responsible for maintaining the identity and access management (IAM) security of the firms assets. This role is critical in translating the organisations IAM vision into a workable, mature and optimized function and service. This role requires extensive experience across More ❯

Your new company - Financial Services Your new role - Permanent - ON SITE 5 Days per week. - UK OnlyWe are looking for a highly skilled Information technology Security Engineer to join the IT team. As the first line of defence in the IT department, the principal purpose of this job mainly focusses on information security, cybersecurity and data security, including a wide scope, such as physical security of computer rooms, operating system level security of Windows and Linux, network security of firewall and other security devices, application security both development and testing phrase, terminal security, backup security, third party and supply chain security of IT service provider.Liaison with the … Head Office, Security Operation Centre of Data Centre for implementing security policies, projects and security controls. Work with Internal Audit and other departments to execute penetration tests, cybersecurity risk self-assessment, ensure best practice and international baseline standards are in place and in line with local regulations.The ideal candidate will be responsible for managing information security More ❯

hear from you. Our CIO team is always looking for passionate individuals who are eager to make a difference and contribute to our success. We are seeking an experienced Security Architect with deep expertise in Microsoft Azure security to join our team. The successful candidate will play a pivotal role in designing and implementing secure, scalable, and resilient … cloud architectures, ensuring compliance with security standards, and driving security best practices across our Azure environment. Job Details You will be at the forefront of designing, developing, and maintaining secure Azure cloud architectures that meet stringent business and compliance requirements. Your role will involve leading security reviews and threat modeling activities for cloud-based solutions, implementing robust … Azure-native security controls such as Microsoft Defender for Cloud, Sentinel, Key Vault, Azure Policy, and RBAC. You will define and enforce rigorous security configuration standards, baselines, and hardening guides for Azure resources, collaborating closely with DevOps and Engineering teams to integrate security seamlessly into CI/CD pipelines (DevSecOps). Conducting thorough risk assessments and gap More ❯

Job Title: Senior Security Engineer Manager: CISO Department: Cyber Security Division: Enterprise Information Technology Services Location: London, Hybrid Main Purpose: The MDU is undertaking an exciting digital transformation programme and to support this the Cyber Security Team is looking to appoint a Senior Security Engineer. Working closely with delivery teams covering strategic and non-strategic change … this role will provide subject matter expertise to keep the MDU, its data and, its member safe from cyber security threats. The Senior Security Engineer will be responsible for the delivery of security technologies in a range of projects and will therefore: Have a strong cyber security engineering or professional services background with experience of delivering … both large-scale and small-scale projects to a high quality in a fast-paced environment. Have a good practical knowledge of both traditional security technologies and modern security tooling to allow support of both the existing and new environments during the digital transformation. Have a proven track record of working in cross functional teams to successfully deliver More ❯

Senior Cloud Security Engineer Department: Engineering Employment Type: Permanent - Full Time Location: London Reporting To: Sami Eltamawy Compensation: £80,000 - £90,000/year Description London, office-based Freetrade's mission is to become the default place to invest. Investing has been too complicated and expensive for too long, keeping millions from making the most of their savings. We … an even better experience for our customers. We're on a mission to build a secure, scalable, and resilient cloud infrastructure-and we're looking for a Senior Cloud Security Engineer to lead the way. In this foundational role, you'll architect and build our cloud security program from the ground up, helping to shape how we protect … our systems, services, and users in an ever-evolving digital landscape. You'll work closely with our DevOps and Platform teams to integrate security deeply into our development and deployment pipelines. This is your chance to define the standards, select the tools, and create the practices that will safeguard our cloud ecosystem now and into the future. If you More ❯

UK CISO on company vulnerability management KPIs/KRIs Preparation of vulnerability management process and procedure documentation Provide consulting services to the vulnerability management team to assist in their security design to identify potential risks Review the security issues and recommend the appropriate controls to mitigate these risks Provide security awareness to clients and business groups to … Aqua, Palo Alto Xpanse. Jira to manage project work, timelines and operational tickets. 5+years of relevant experience Possess strong understanding of vulnerability management processes, procedures and principles Exposure to application security best practices such as secure coding, security testing techniques Expert knowledge of Security Policies and Standards Expert knowledge of Information Security practices Knowledge of … compliance, audit and privacy policies and regulations General knowledge of security technology Nice to have: Experience with PowerBI Programming skills and experience (python, java, SQL) Technical network skills Knowledge of OWASP, SANS, NIST, ISO 27001, ISF or other security-related practices Previous Banking/Financial Industry experience CISSP, CISA, CRISC, CSSLP, SABSA certifications Skills & Competencies: Vulnerability management Risk More ❯

applicants Direct message the job poster from Levy Search Senior Client Partner | Solving the challenge of building elite data teams A great client of mine is hiring a Security-Focused Technical Consultant/Security Architect to join a highly regulated healthcare tech environment. You’ll work cross-functionally with engineering, architecture, and business teams to design secure solutions … months with chance to extend or go perm. IR35: Inside Work structure: Remote Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders … Translate business needs into effective security controls 5+ years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell More ❯

IT Application Security Manager | £85k | Hybrid (once/week) - London We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a IT Application Security Manager …/Lead Software Security Engineer to shape and drive secure-by-design principles across new and evolving digital products. You'll be joining a business that genuinely values its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security … left - bringing DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: Leading the cultural shift towards DevSecOps across multiple product teams Embedding security requirements and tooling into the SDLC from the ground up Defining and implementing a product security strategy aligned with business goals Collaborating with developers to automate and streamline More ❯

IT Application Security Manager | £85k | Hybrid (once/week) - London We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a IT Application Security Manager …/Lead Software Security Engineer to shape and drive secure-by-design principles across new and evolving digital products. You'll be joining a business that genuinely values its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security … left - bringing DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: Leading the cultural shift towards DevSecOps across multiple product teams Embedding security requirements and tooling into the SDLC from the ground up Defining and implementing a product security strategy aligned with business goals Collaborating with developers to automate and streamline More ❯

IT Product Security Manager | Hybrid - once/week | To £85k We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a IT Product Security Manager/Lead … Software Security Engineer to shape and drive secure-by-design principles across new and evolving digital products. You'll be joining a business that genuinely values its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security left - bringing … DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: - Leading the cultural shift towards DevSecOps across multiple product teams - Embedding security requirements and tooling into the SDLC from the ground up - Defining and implementing a product security strategy aligned with business goals - Collaborating with developers to automate and streamline security More ❯

IT Product Security Manager | Hybrid - once/week | To £85k We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a IT Product Security Manager/Lead … Software Security Engineer to shape and drive secure-by-design principles across new and evolving digital products. You'll be joining a business that genuinely values its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security left - bringing … DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: - Leading the cultural shift towards DevSecOps across multiple product teams- Embedding security requirements and tooling into the SDLC from the ground up- Defining and implementing a product security strategy aligned with business goals- Collaborating with developers to automate and streamline security More ❯

about healthcare, and we plan to be the largest digital primary healthcare platform for people across Europe. About the role We are seeking a motivated and detail-oriented Information Security Engineer to join our team here at ZAVA. In this role, the successful candidate will support the organisation's cybersecurity efforts by assisting with the implementation, monitoring, and maintenance … of security systems and processes. They will work closely with senior security team members to identify vulnerabilities, respond to incidents, and ensure compliance with security policies and frameworks. The role involves hands-on tasks such as configuring security tools, analysing alerts, and supporting investigations into potential threats, as well as contributing to the development ofa secure … IT environment. Additionally, the successful candidate will participate in security awareness initiatives, help document processes, and stay updated on emerging threats and technologies to enhance the organisation's security posture. Key Accountabilities You will be working from home, but you do have the opportunity to come to the office, if you wish. You will use our collaboration tools More ❯

DevSecOps Engineer | Permanent | UK (Hybrid - few times/week) | £85k We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a DevSecOps/Lead Software Security Engineer to … its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security left - bringing DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: Leading the cultural shift towards DevSecOps across multiple product teams Embedding … security requirements and tooling into the SDLC from the ground up Defining and implementing a product security strategy aligned with business goals Collaborating with developers to automate and streamline security testing Supporting pen test activity and guiding secure remediation efforts Serving as an internal SME on application and cloud security matters Keeping documentation, training, and More ❯

DevSecOps Engineer | Permanent | UK (Hybrid - few times/week) | £85k We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a DevSecOps/Lead Software Security Engineer to … its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security left - bringing DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: Leading the cultural shift towards DevSecOps across multiple product teams Embedding … security requirements and tooling into the SDLC from the ground up Defining and implementing a product security strategy aligned with business goals Collaborating with developers to automate and streamline security testing Supporting pen test activity and guiding secure remediation efforts Serving as an internal SME on application and cloud security matters Keeping documentation, training, and More ❯

heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If you are passionate about cybersecurity … and eager to make a real impact, we want you on our team! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle … software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to More ❯

you attend the office a minimum of 1 day per week. About the Role We are seeking a highly motivated and experienced Vulnerability Management Engineer to join our Cyber Security team. As a Vulnerability Management Engineer, your primary responsibility will be to manage existing vulnerability management-specific tooling, and have an active role in improving existing processes. You will … approach to vulnerability management. Develop integrations for internal and external tools to capture data relevant to the vulnerability remediation process (e.g. by interacting with APIs) Ensure compliance with relevant security standards, frameworks, and regulations Stay up to date with the latest trends and developments in vulnerability management, security standards, and regulations Strong engineering and automation background with a … functional teams and stakeholders Good to have Practical experience in one or more of the Vulnerability Management fields would be desirable but not essential: Endpoint Vulnerability Scanning, Vulnerability Intelligence, AppSec Vulnerability Management, Vulnerability Management of cloud native workloads, External Attack Surface Management Familiar with with TypeScript/Vue.js Open source scanning tool such as Trivy or similar SQL database design More ❯

Enterprise Security Architect Salary: £95k - £110k + Car Location: Basingstoke or London (3x days per week in office) Role The ideal candidate will be solely responsible for architecture partnering with our Chief Information Security Officer, senior leaders and leading design and assurance of our security systems via a significant transformation investment portfolio, ensuring that we are secure … by design and commercially appropriate. This role requires a deep understanding of security principles, technologies, and best practices to protect our systems and data from threats, alongside an acute operational and commercial awareness. Strategy and Transformation Contribute to the definition of our vision, goals, and objectives, identifying and executing opportunities to maximize the business benefits of Enterprise Architecture initiatives. … Actively participate in shaping emerging business cybersecurity needs and articulate them to technology teams, driving innovation and security industry benchmarking for new capabilities. Support management decision-making, ensuring cybersecurity decisions consider their long-term impact on the organisation. Develop and maintain achievable roadmaps from current to future states for our security capabilities, considering 'security by design' at More ❯

About the role: Join Our Team at Holland & Barrett! Are you passionate about cloud security and looking to make a significant impact? Holland & Barrett is seeking a Cloud Security Specialist to help us define and implement our cloud security strategy. If you're an experienced professional eager to work with cutting-edge technology and collaborate with diverse … teams, we want to hear from you! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett cloud security strategy, partnering with platform and Site Reliability Engineering (SRE) teams to build robust infrastructure that supports our business. Perimeter Security: Establish platform perimeter security by implementing controls at ingress and egress points, including creating and maintaining … an edge network with a Web Application Firewall (WAF), Distributed Denial of Service (DDoS) protection, and a Content Delivery Network (CDN). Access Control: Establish an access control baseline focusing on the principle of least privilege and segregation of duties. Monitor and enforce these controls once roles and permissions are set. Security Controls: Design, implement, and maintain security More ❯