1 to 25 of 28 Permanent Application Security Jobs in the South East

Senior Application Security Engineer Location: Hybrid working or homeworking with view to attend office occasionally Salary: £60,000 – £70,000 per annum Bonus: Discretionary bonus of up to 10% Are you passionate about securing modern applications and cloud environments? We’re looking for a Senior Application Security Engineer to join my client's growing team and … play a key role in shaping the security posture of our organisation. About the Role As a Senior Application Security Engineer, you’ll bring deep expertise in application security testing, cloud security, and secure development practices. You’ll work closely with IT, development, and project teams to embed security into every stage of … the software development lifecycle and drive a risk-based approach to vulnerability management. Key Responsibilities Lead application security initiatives across cloud-native and enterprise environments. Promote secure design principles, threat modelling, and best practices across teams. Own and evolve the technical vulnerability management programme. Implement and support security controls, particularly within Azure cloud environments. Evaluate and deploy More ❯

Job Title: Senior Application Security EngineerSalary: £70,000Location: Reading/remote About the Organisation Join a fast-growing UK technology and consulting firm that's investing heavily in cutting-edge cyber security. With a strong focus on innovation, collaboration, and professional development, this company empowers its people to shape the future of secure digital transformation across a wide … be part of a business that values expertise, agility, and doing the right thing - where everyone has the opportunity to make a genuine impact. About the Role The Senior Application Security Engineer will play a key role in protecting the organisation's infrastructure, cloud platforms, and applications. Working within a highly technical and collaborative cyber team - supported by … a 24/7 external SOC - you'll research, test, and implement next-generation security solutions to safeguard data and systems. This role offers the chance to lead on application and cloud security initiatives, influence secure design standards, and mentor colleagues in best practices. Key Responsibilities Lead application and cloud security initiatives, ensuring systems and More ❯

Senior Technical Consultant UK based Company Description We are looking for an experienced UK based Senior Security Consultant to strengthen the consulting team at this well established security consultancy. Role Description This is a full-time, on-site role based in Portsmouth and potential work-from home for a Cyber Security Consultant. The consultant will conduct vulnerability … assessments, application security reviews, and network security analyses. Responsibilities include evaluating risks, providing actionable security recommendations, and assisting clients with compliance to established standards like ISO 27001 and PCI DSS. The role will involve working closely with clients across sectors to strengthen their overall security posture through proactive planning and solutions. Qualifications Experience in Cybersecurity … including identifying and addressing security threats and challenges Knowledge of Application Security, with the ability to identify vulnerabilities in web and mobile applications Skills in Network Security, including securing and evaluating infrastructure and cloud environments Expertise in performing Vulnerability Assessments and delivering actionable insights Background in Information Security, with experience in regulatory compliance (e.g., PCI More ❯

Your new role - Permanent - ON SITE 5 Days per week. You will be required to obtain security clearance and undergo vigorous onboarding checks - UK Only. Sponsorship NOT available.The main purpose of this job mainly focusses on information security, cybersecurity, and data security, including a wide scope, such as physical security of computer rooms, operating system level … security of Windows and Linux, network security of firewall and other security devices, application security both development and testing phrases, terminal security, backup security, third party and supply chain security of IT service provider.Liaison with the Head Office, Security Operation Centre or Data Centre for implementing security policies, projects and … security controls. Work with Internal Audit and other departments to execute penetration tests, cybersecurity risk self-assessment, ensure best practice and international baseline standards are in place and in line with local regulations.The ideal candidate will be responsible for managing information security systems, ensuring compliance with regulatory requirements, and conducting thorough security audits.You will be part of More ❯

Software & Application Security Lead Permanent | Hybrid (UK - a few visits per month) | Up to £84,000 We're partnered with a modern, forward-thinking professional services firm that's putting security at the heart of everything they build. As part of their growing technology function, they're looking for a Software & Application Security Lead to … take the lead in shaping how security is embedded into every stage of their digital product journey. This is a role with real influence - you'll help define the software security strategy, guide engineers on best practice, and ensure the products they deliver are secure by design. You'll work closely with developers, architects, and business stakeholders to … create an environment where secure coding and proactive risk management come naturally. What you'll be doing You'll play a leading role in driving a security-first culture across agile product teams, defining and delivering a clear application security strategy that aligns with business goals. Working hand-in-hand with developers, you'll weave security More ❯

Information Security Engineer – Nationwide Software Company – Worthing, West Sussex (Office based) – 50K to 55K plus excellent benefits Stratospherec is recruiting for an Information Security Engineer to be based in the West Sussex office of our client who is a leading software company. In this role you will use your Information Security Engineer/Analyst expertise both supporting … and enhancing this nationwide company’s cybersecurity posture through the securing of enterprise applications, data and infrastructure and by identifying, assessing, and mitigating security risks. This is a hands-on, predominantly office-based role requiring experience in application and data security, vulnerability assessments, security administration, threat monitoring and response. You will work alongside a multidisciplinary team … of infrastructure, support staff and developers, cross-functionally supporting colleagues from across the business and the wider IT team to ensure security requirements are met and outstanding service delivered. KEY ACTIVITIES • Key activities in relation to application security will include performing security reviews of application architecture, source code, and third-party integrations. • Collaborating with development More ❯

Permanent Based in Milton Keynes £50,000 pa - £60,000 pa Information Security Officer Hybrid Our client are a leading provider of software solutions for student accommodation, event management, catering, and residential services, they help institutions streamline operations, elevate customer experiences, and unlock their full potential.With over 25 years of experience and trusted by more than 350 institutions worldwide … your impact is real. If you're ready to help shape the future of operational technology in education and events, we'd love to meet you. An experienced Information Security Officer to lead security strategy, operations, and compliance. This is a hands-on role combining strategic security architecture with operational security management and regulatory compliance oversight. … The successful candidate will define security standards across our product portfolio, manage security environments, and serve as our central point for ISO27001, PCI/DSS, and GDPR compliance while supporting commercial teams with tender responses and client security assurance. Core Responsibilities: Strategic (30%) Define technical security architecture and standards across multi-cloud SaaS platforms Embed security More ❯

Permanent Based in Milton Keynes £50,000 pa - £60,000 pa Information Security Officer Hybrid Our client are a leading provider of software solutions for student accommodation, event management, catering, and residential services, they help institutions streamline operations, elevate customer experiences, and unlock their full potential. With over 25 years of experience and trusted by more than 350 institutions … your impact is real. If you're ready to help shape the future of operational technology in education and events, we'd love to meet you. An experienced Information Security Officer to lead security strategy, operations, and compliance. This is a hands-on role combining strategic security architecture with operational security management and regulatory compliance oversight. … The successful candidate will define security standards across our product portfolio, manage security environments, and serve as our central point for ISO27001, PCI/DSS, and GDPR compliance while supporting commercial teams with tender responses and client security assurance. Core Responsibilities: Strategic (30%) Define technical security architecture and standards across multi-cloud SaaS platforms Embed security More ❯

About the Role A leading UK digital transformation consultancy consistently recognised as a Times Top 100 Company to Work For is seeking a Cybersecurity Architect to join its growing security practice. This is a fully remote role (UK-based), working on high-impact programmes across public and private sector clients. Youll play a key role in designing secure cloud … and application architectures, advising on best practices, and embedding security into digital platforms from discovery through to delivery. Key Responsibilities Design secure cloud architectures across AWS/Azure/GCP for enterprise-scale transformation projects Define and implement application security standards including threat modelling, secure SDLC, API security and DevSecOps practices Conduct security risk … assessments, architecture reviews and produce high-level and low-level security designs Advise engineering and product teams on identity, encryption, zero trust, network security and data protection approaches Work alongside client CISOs, architects and delivery teams, providing strategic security guidance Support bid work, proposals and shaping of security solutions for new client engagements Stay current with More ❯

Project Description: We are looking for a Cyber Security Team Leader who brings broad, hands-on security expertise and strong leadership capability to our Cyber Security function. The successful candidate will act as a senior analyst within the team while also providing direction, coordination, and mentorship to colleagues. You must have experience across the core Cyber Security domains, including TVM, SIEM, EDR, Incident Response, DLP, EASM, Cloud Security, Application Security, WAF, and User Access Management, along with a strong understanding of industry frameworks such as NIST and CIS . This role is primarily remote; however, regular attendance at our Farnborough office is required (typically once per week, usually Thursdays) for in-person collaboration. … Responsibilities: Lead the development and implementation of Application Code Security and User Access Management capabilities within the team. Establish these services by adopting or adapting DXC security models where feasible, or by designing and deploying new approaches within Luxoft. Support and contribute to the wider Cyber Security services delivered by the team, including TVM, SIEM, EDR More ❯

Project Description: We are looking for a Cyber Security Team Leader who brings broad, hands-on security expertise and strong leadership capability to our Cyber Security function. The successful candidate will act as a senior analyst within the team while also providing direction, coordination, and mentorship to colleagues. You must have experience across the core Cyber Security domains, including TVM, SIEM, EDR, Incident Response, DLP, EASM, Cloud Security, Application Security, WAF, and User Access Management, along with a strong understanding of industry frameworks such as NIST and CIS . This role is primarily remote; however, regular attendance at our Farnborough office is required (typically once per week, usually Thursdays) for in-person collaboration. … Responsibilities: Lead the development and implementation of Application Code Security and User Access Management capabilities within the team. Establish these services by adopting or adapting DXC security models where feasible, or by designing and deploying new approaches within Luxoft. Support and contribute to the wider Cyber Security services delivered by the team, including TVM, SIEM, EDR More ❯

A leading fintech company is seeking aLead AppSec Engineerto join their established team. Youll be instrumental in embedding security into every stage of the software development lifecycleguiding engineers, shaping best practices, and driving secure, scalable solutions across our platform. Key Responsibilities: Security Advisory: Serve as the go-to expert for application security across engineering teamsproviding hands … on guidance, resolving concerns, and fostering a security-first mindset. DevSecOps Enablement: Promote and implement secure development practices across CI/CD pipelines, secrets and key management, dependency management, and secure design. Vulnerability Management: Lead vulnerability remediation effortstriaging findings, prioritizing risks, and partnering with teams to deliver effective, pragmatic fixes. Tooling & Automation: Integrate security tools (e.g., SAST, DAST … SCA, secrets scanning) into developer workflows, ensuring automation is both scalable and developer-friendly. Cloud Security Collaboration: Work alongside infrastructure teams to ensure secure configuration of AWS and Azure environments, with a focus on IAM, network security, encryption, and observability. Architecture & Design Reviews: Provide input and recommendations to ensure new services and features are secure by design. Continuous More ❯

Description We re seeking a hands-on Security Architect to lead the design and assurance of security across our Financial Advice & Wealth Management SaaS platform. This is a pivotal role where you ll own the security architecture across cloud infrastructure and networking, drive secure-by-design application architectures, and ensure robust security for integrations with … external partners and systems. As part of the Technical Architecture team, you ll collaborate with business stakeholders, product teams, engineers, and the wider InfoSec function to embed security as a first-class concern throughout our technology landscape. Your work will help us meet the expectations of our customers, clients, and regulators What you'll do Design and maintain secure … for applications and services. Define secure patterns for APIs and partner integrations. Support governance activities including audit, risk acceptance, and internal forums. Review implementation progress to ensure alignment with security design. Provide technical guidance and coaching to architects and engineers. Promote a culture of security awareness in product and engineering practices. Align security standards and frameworks with More ❯

Description We’re seeking a hands-on Security Architect to lead the design and assurance of security across our Financial Advice & Wealth Management SaaS platform. This is a pivotal role where you’ll own the security architecture across cloud infrastructure and networking, drive secure-by-design application architectures, and ensure robust security for integrations with … external partners and systems. As part of the Technical Architecture team, you’ll collaborate with business stakeholders, product teams, engineers, and the wider InfoSec function to embed security as a first-class concern throughout our technology landscape. Your work will help us meet the expectations of our customers, clients, and regulators What you'll do Design and maintain secure … for applications and services. Define secure patterns for APIs and partner integrations. Support governance activities including audit, risk acceptance, and internal forums. Review implementation progress to ensure alignment with security design. Provide technical guidance and coaching to architects and engineers. Promote a culture of security awareness in product and engineering practices. Align security standards and frameworks with More ❯

Role: Information Security Officer Location: Milton Keynes Salary: £50k - £60k Work Pattern: Hybrid Summary: A new position has opened at an exciting software company for an Information Security Officer to lead the organisation's security strategy, operations, and compliance efforts. This hands-on role blends strategic security architecture with day-to-day operational management and regulatory … compliance oversight. The ideal candidate will establish and maintain security standards across the product portfolio, oversee secure system environments, and act as the primary contact for ISO 27001, PCI DSS, and GDPR compliance. Additionally, this role will support our commercial teams by contributing to tender responses and ensuring client security assurance. The Company: They are a technology company … experience and a broad global client base, they develop solutions that simplify complexity and drive smarter, more efficient ways of working. Core Responsibilities: Strategic (30%) Define and maintain robust security architecture and standards across multi-cloud SaaS platforms. Integrate security best practices into product design, development, and roadmap planning. Conduct threat modelling and risk assessments for new features More ❯

DevSecOps Engineer Permanent | UK (Hybrid - a few times per month) | Up to £84k We're partnering with a respected, forward-thinking professional services firm that's serious about embedding security into every corner of its digital transformation journey. This is a pivotal hire within their growing tech function - they're after a DevSecOps Engineer (or Lead Software Security … that genuinely backs its people. They've built a collaborative, agile culture where innovation is encouraged and development is a priority. If you're someone who thrives on moving security left, guiding engineering teams with clarity, and making a real impact - this is your kind of role. What you'll be doing: You'll lead the charge in shifting … the culture towards DevSecOps across multiple product teams, embedding security from the ground up. That means defining and rolling out a product security strategy that aligns with business goals, working closely with developers to automate and streamline security testing, and supporting pen test activity with smart, secure remediation. You'll be the go-to expert on application More ❯

As a Control Testing Lead, you will play a key role within the Information Security team, supporting the Control Test and Assurance Manager in the delivery of a robust and forward-looking Cybersecurity Control Testing & Assurance Programme. This role requires strong cybersecurity expertise combined with hands-on experience in control testing, particularly in evaluating the effectiveness of security … Manager, with whom you will work to deliver the goals of the company to have a stable and fit-for-purpose control testing environment that supports the organisation's security and compliance objectives. What you'll be doing as a Control Testing Lead - Cyber Security Support the implementation and continuous improvement of the Cybersecurity Control Testing Framework. Execute … To thrive in this role, the essential criteria you'll need are Proven experience in performing cybersecurity control assessments, including evaluating design and operational effectiveness. Strong understanding of information security principles, cyber risk management, and control frameworks. Experience in IT, OT and Cloud environments, with a focus on cybersecurity controls. Clear and professional verbal and written communication, including the More ❯

vulnerability management lifecycle Vendor and market analysis and engagement Ability to translate technical information into Risks, Threats, and Vulnerabilities for both a technical and non-technical audience Cloud based security (AWS/GCP), with a specialism in vulnerability management Self-starter, able to work in technical detail and motivate a diverse group of stakeholders to build sponsorship for significant … and impactful change Desired: Establishing observability platforms Capabilities adjacent to exposure/vulnerability management capabilities (ie cyber security asset management, attack surface management, etc) Pragmatic application of zero-trust philosophies Cloud based security (GCP, AWS and Azure) Pentest scoping and analysis experience Application security Threat modelling To apply for this position please submit your CV. More ❯

C# and Azure Development C# Development, .NET core/.NET Framework Full understanding of Object Orientated and SOA design patterns Azure: APIM, including extensive use of policies, caching and security aspects Azure Functions Azure AI Search, using API and designing indexes Azure Blob and Table Storage used via Rest APIs Azure AD, Enterprise apps and interactions via Graph API … Postman GitHub or similar Containerization tech: Docker, Kubernetes Relevant Microsoft Certifications Essential functions of the job Development, Design, Architecture Ensure product managers and stakeholders requirements are met through development application solutions. Define and design good architectural solutions for implementation within agreed timeframes and predictable costs. Utilize, where appropriate, distributed and decoupled architectures, utilizing APIs and event- based architectures. Design … and maintain coding standards ensuring best practices are followed. Advocate for continuous improvement to development processes and code quality. Governance and Compliance Contribute to and follow coding standards and security policies, maintaining and supporting compliance with security standards/guidelines such as PCI v4, OWASP etc. Ensure Senior and Junior Developers are well trained in application security More ❯

A leading fintech company is seeking aLead AppSec Engineerto join their established team. Youll be instrumental in embedding security into every stage of the software development lifecycleguiding engineers, shaping best practices, and driving secure, scalable solutions across our platform. Key Responsibilities: Security Advisory: Serve as the go-to expert for application security across engineering More ❯

testing tools such as Selenium, Playwright, Docker, Postman. GitHub or similar Essential functions of the job Development, Design, Architecture Ensure product managers and stakeholders requirements are met through development application solutions. Work to defined architectures and contribute to their design. Work with distributed, decoupled architectures, utilizing APIs and event-based architectures. Develop and maintain robust and scalable applications. Write … improving performance. Follow and support coding standards ensuring best practices are followed. Advocate for continuous improvement to development processes and code quality. Governance and Compliance Follow coding standards and security policies, maintaining and supporting compliance with security standards/guidelines such as PCI v4, OWASP etc. Keep training and knowledge on application security practices up to More ❯

Foster a culture of observability , helping teams use operational data to improve system stability and performance. Maintain accurate documentation and release notes . Ensure all solutions are developed with application security considerations in mind. Lead incident response activities within the team as required. Identify and manage dependencies across the organisation, proactively resolving issues before they arise. Handle risk … effectively in a fast-paced environment. Work independently or collaboratively on a variety of projects. Create secure, high-performing n-tier applications , leveraging best practices in database and web application design. Contribute to the continuous improvement of development processes and methodologies . Design and develop commercial/enterprise web applications that are scalable and reliable. Ensure application performance … Agile methodologies . Proven experience leading software deliverables and guiding development teams. Background in developing and maintaining interconnected software solutions . Strong experience in C#, ASP.NET, MVC , and web application development . Knowledge of modern front-end frameworks such as React JS . Excellent skills in SQL Server , including database design and optimization. Ability to select and use the More ❯

a culture of observability across the team. Help teams use operational data to improve the stability and performance of their applications Maintain documentation and release notes Have awareness of application security considerations Lead incident response across the team as needed Identify dependencies across the organization and work with teams to resolve them before they become an issue, and … the development of database applications using SQL Contribute to improve the overall processes and methodologies followed by the wider team Design and develop commercial/enterprise web applications Ensure application performance, quality, and responsiveness Work with all teams to recommend solutions that are in accordance with accepted testing frameworks Experience and Skills Required: Experience with Scrum/Agile methodologies … and working in that environment Leading software deliverables Developing and maintaining multiple connected software solutions Web applications experience using C#, ASP.NET, MVC Modern web application development architectures and frameworks such as React JS Excellent skills in SQL Server Ability to select and use the most appropriate tools, technologies, and languages for the job Team-oriented, with a willingness to More ❯

Primary Details Time Type: Full time Worker Type: Employee Cyber Security Consultant Permanent London/Hybrid At QBE, our purpose is to enable a more resilient future. We are an international insurer and reinsurer with a local presence in 27 countries. The opportunity We're hiring a Cyber Security Consultant on a permanent, full-time basis based in … London, where you’ll help shape how cyber and information security risks are understood and managed across our business. This is your chance to be part of a global team that’s always one step ahead - keeping QBE safe, secure, and resilient in a fast-moving digital world. Your new role: This is a hands-on, collaborative role where … under pressure while maintaining a healthy work-life balance. Focus on outcomes and follow through on problem-solving from start to finish. Bonus points if you bring: Experience with AppSec and DevSecOps. Hands-on knowledge of Azure, AWS, and/or Google Cloud. Familiarity with standards like ISO2700X, ISO31000, NIST800, PCI-DSS. Certifications such as CISSP, CCSP, CRISC, CISM, or More ❯

projects. What you'll do: Embed security across the SDLC, promoting secure coding (OWASP) Automate security in CI/CD workflows (SAST, DAST, IAST, SCA, IaC) Perform appsec testing, code reviews, and vulnerability remediation Drive secure DevOps culture through training, playbooks, and developer champions Strengthen cloud & container security (AWS, Azure, GCP, Kubernetes, Docker) What you'll bring … years' experience in AppSec/DevSecOps Hands-on with tools like Checkmarx, Veracode, SonarQube, OWASP ZAP Strong coding skills (Java, Python, JavaScript, Go, .NET) Familiar with CI/CD (Jenkins, GitHub Actions, Azure DevOps) and IaC (Terraform) Knowledge of OWASP Top 10, API security, and compliance (ISO 27001, SOC 2) Eligibility for SC clearance is mandatory (UK nationals only More ❯