1 to 25 of 136 Application Security Jobs in England

Head of Information Security, Europe page is loaded Head of Information Security, Europe Apply locations London - 2 Gresham Street time type Full time posted on Posted 5 Days Ago job requisition id R-5246 The Head of Information Security, Europe reports directly to the Chief Information Security Officer, TMX Group and has a dotted line reporting … relationship to the Chief Technology Officer, Trayport. The Head of Information Security will be responsible for defining, implementing, and managing the organization's information security strategy and framework for Europe. This critical role involves overseeing all aspects of information security, including a strong focus on application security, ensuring compliance with ISO27001 standards, financial services regulations … and other relevant legal and contractual requirements. As a senior leader of the Enterprise Information Security team, the role will also be accountable to provide information security oversight, through leadership and guidance across the TMX Group. The successful candidate will be a strategic leader with a strong technical background, including deep application security knowledge, and the More ❯

Application Security Engineer, Amazon Application Security Job ID: Amazon Development Centre (London) Limited At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals … things to make them easier, faster, better, and more cost-effective. However, no matter what we're building - from websites to web services, AR to AI, drones to devices - security is always our top priority. The Amazon Application Security team focuses on working with our builders to provide experiences that our customers can trust. That means constantly … learning new things and solving complex problems to protect the safety, security, and privacy of billions of lives on a global scale. At Amazon, you'll be working with the best minds in technology and security. Learn and be curious here, and accelerate your career growth. You can take pride in knowing that your work is meaningful, having a More ❯

Principal Security Engineer, Autonomous Security Job ID: Amazon UK Services Ltd. We are looking for an experienced Principal Security Engineer to join the Autonomous Security team in London. You will be a key technical leader in a team responsible for building and scaling AI-powered security solutions across Amazon's global infrastructure. This team is … transforming how Amazon approaches security through autonomous detection, assessment, and remediation of security issues. We partner with security teams and service teams across Amazon to embed autonomous security capabilities throughout the development lifecycle. You will be an expert across security automation, AI/ML systems, and application security, and will be sought out … for advice on autonomous security solutions. Your role will help ensure our autonomous systems make provably correct security decisions at scale, while setting standards and defining best practices for AI-powered security. You will proactively shape the future of security automation across Amazon and be a critical leader in driving the adoption of autonomous security solutions. More ❯

Senior Security Engineer (Product Security) Technology London New Senior Security Engineer (Product Security) London Ebury is a global fintech firm dedicated to empowering businesses to expand internationally through tailored and forward-thinking financial solutions. Since our founding in 2009, we've grown to a diverse team of over 1,700 professionals across 40+ offices and 29+ … contributions are valued. You'll play a key role in shaping the future of cross-border finance, while advancing your own career in a dynamic, high-growth industry. Senior Security Engineer London Office - Hybrid: 4 days in the office, 1 day working from home Role Overview We are seeking a Senior Security Engineer to embed security throughout … our product development lifecycle. You'll work directly with engineering teams to identify and mitigate security risks through threat modeling, secure code reviews, and integrated security tooling across our web and mobile applications. This role is critical to establishing our secure development practices, implementing industry-standard SSDLC processes, and ensuring our financial products are resilient against evolving threats. More ❯

Senior Application Security Engineer (33957) At Holland & Barrett, cybersecurity is at the heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks … and ensuring best-in-class security practices. If you are passionate about cybersecurity and eager to make a real impact, we want you on our team! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early … software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to More ❯

the right data to the people who need it, our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions, locate missing children, and more. Our Product Security team works on secure-by-design and deep product partnership. We build strong relationships with other teams and help them build secure software. This includes reviewing early-stage designs … including defense, intelligence, and commercial applications. We are trusted by our customers to protect their mission-critical information in the face of advanced persistent threats. The mission of the Application Security Team is to enable developers to be highly productive, agile, and produce the most secure software possible. Given the mission critical work that Palantir does, investments in … application security have never been more important. As an Application Security Engineer, you will be hands-on and have wide-ranging impact for the security of Palantir: • Product security reviews . You will perform full-scope security reviews of our current and future product and service portfolio. This includes whitebox, greybox, and blackbox More ❯

and hands-on expertise to help security and engineering teams across the enterprise embed security into the product development lifecycles. This role is the key advisor on AppSec standards, secure development practices, threat modelling, and security tooling (e.g. SAST, DAST, SCA, IaC scanning, container security, etc.), ensuring consistency and maturity in how applications are built and … Application Security and SSDLC strategy, including short, mid, and long-term goals aligned with the group's security posture and digital transformation initiatives. Develop and maintain AppSec maturity models (e.g. based on OWASP SAMM, NIST SSDF, BSIMM) and work with business units to assess current state and define realistic improvement plans. Drive the development of a global … secure development policy, including approved tools, practices, and coding standards. Technology & Tooling Strategy: Evaluate, recommend, and support the rollout of AppSec tools such as SAST, DAST, SCA, container and IaC scanners, runtime protections, and CI/CD pipeline integrations. Collaborate with platform and DevOps teams to ensure tool integration and automation into developer workflows across brands. Provide architecture guidance on More ❯

heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If you are passionate about cybersecurity … and eager to make a real impact, we want you on our team! Key Responsibilities: Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle … software integrity, authenticity, and third-party library management. Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls. Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to More ❯

Career progression with excellent training and development. Company events - Pub nights, sporting events, seasonal parties, socials Overview of the role IFX Payments is seeking a technically skilled and proactive Application Security Engineer to embed secure development practices across its software delivery lifecycle. This role is critical in reducing application-layer risks, implementing secure coding standards, and ensuring … that threat modelling and architecture reviews are consistently applied across all development efforts. You will work closely with engineering, and platform teams to integrate security into CI/CD pipelines, automate vulnerability detection, and drive continuous improvement in application security posture. Responsibilities Secure Development Lifecycle (SDLC) Embed security controls into CI/CD pipelines and development … in the lifecycle Conduct secure code reviews and support developers in remediating findings. Threat Modelling & Architecture Review Lead threat modelling sessions using standard methodologies to identify design flaws Review application architectures to ensure alignment with security objectives and mitigation of common threats. Maintain and update reference architectures based on threat modelling insights. Tooling & Automation Deploy and manage application More ❯

places! This is where you come in. The Opportunity As IAG Loyalty evolves into a Platform as a Service business, we're looking for a talented and passionate Senior Application Security Engineer to join our security engineering team. You'll have a background in software engineering and a deep … interest in application and API security. You thrive on collaboration, enjoy helping others grow, and see security as an enabler - not a blocker. You'll be an AppSec advocate who supports our engineers in identifying and addressing security issues across the software development lifecycle. You'll be part of a small, dynamic team within the Product department … be required to work from one of our other office or partner locations, based on your role and 'to do' list. What you'll be doing As a Senior Application Security Engineer, you'll lead the application security practice within the IAG Loyalty security team, taking responsibility for key security KPIs in this area. More ❯

Protect Granola's technology and users by building secure systems and fostering security culture We're looking for a security engineer who is passionate about application security to help us protect our users and build trust as we scale. In this role, you will be responsible for identifying and mitigating security vulnerabilities within Granola's … applications, building security tools, and working closely with our development teams to integrate security throughout our software development lifecycle. You'll help establish a robust security culture as we unlock Granola for the next 100x users. In this role, you will: Conduct security assessments, code reviews, and penetration testing to identify vulnerabilities in our applications Design … and implement security tools, frameworks, and methodologies to protect against security threats Work closely with development teams to ensure secure coding practices are integrated throughout the SDLC Perform threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies Track, analyze, and manage vulnerabilities in applications, providing guidance for remediation efforts Support incident response by More ❯

month contract in a Work from Office (WFO) role. This role will focus on creating a business strategy, gap analysis and implementation, for securing their Azure-based infrastructure, integrating security automation, ensuring PCI DSS compliance, vulnerability and penetration testing and incident response. This role will focus on developing and maintaining secure, scalable Azure DevOps pipelines and Infrastructure as Code … IaC) using Terraform. Their ideal candidate will have a strong background in cloud security best practices, automation, and a proactive approach to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. … Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security: Architect and secure Azure-based infrastructure using Terraform, ensuring adherence to security best practices by developing, maintaining, and optimizing Terraform code. DevOps Pipeline Development and Maintenance: Design, develop, and optimize Azure DevOps pipelines More ❯

Milan, Edinburgh and Madrid. With our focus on growth in the UK and Europe, now is the perfect time to join us on this high-speed journey. Introducing our Security We focus on designing, implementing, and monitoring security controls to ensure a robust security posture in a fast-evolving environment. As part of our mission to continuously … improve and mature Trainline's security capabilities, we work in close collaboration with cross functional teams, including Cloud Engineering, SRE, Platform Engineering, and more, to integrate the latest technologies and best practices into our products. You will play a important role in safeguarding all digital channels that collectively generate billions of pounds in annual ticket sales, ensuring that our … systems stay secure, resilient, and innovative in the face of evolving threats. As a Senior Product Security Engineer at Trainline, you will be responsible for Security in the Development Lifecycle : Drive the integration of security into every stage of the Software Development Lifecycle (SDLC). Design, implement, and manage security controls to ensure secure product design More ❯

Gartner and Forrester, and our sustained, aggressive growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008. We're seeking a Product Security Engineer to support secure development across our engineering teams. In this hands-on role, you'll help identify and mitigate product risks by participating in security reviews, improving … tooling, and supporting vulnerability remediation. You'll work closely with senior security engineers and cross-functional teams to build security into our software development lifecycle. This is a great opportunity for a security-minded engineer who wants to grow their technical breadth while making meaningful impact in a cloud-first, DevOps-centric environment. You must be comfortable … in a dynamic, fast-paced environment. Collaboration across time zones and geographies is a key part of our culture and success. How will you contribute? Secure SDLC Integration: Embed security within the software development lifecycle, ensuring security is considered at every phase-from design to deployment. Threat Modeling & Security Design Reviews: Conduct structured threat modeling and security More ❯

Application Security Engineer, SDO AppSec EMEA Job ID: Amazon Development Centre (London) Limited At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance … to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. As a Security Engineer, you will collaborate with software development teams to ensure we keep our customers safe while developing these novel services. In a given day, you might be inspecting an application's code for security issues, building a new framework to help our software developers build faster and more securely, or fine-tuning the design for a new service alongside its software developers. The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. Technically, this person will be a security generalist with More ❯

of product development is critical to building trust in everything we deliver. As a Senior Security Engineer focused on Application & Product Security , you will own our AppSec strategy - driving threat modeling, secure architecture design, and offensive security testing . You will lead manual and automated penetration testing, manage AppSec tooling (SAST, DAST, SCA), and build developer … compliance alignment for SOC 2, ISO 27001, and privacy requirements. This role blends offensive and defensive expertise with strategic influence, giving you the autonomy to shape a scalable, modern AppSec program. Responsibilities: Threat Modeling & Architecture Reviews Mature and scale a modern threat modeling program across products and services. Enable secure by design architectures in collaboration with Engineering teams. Offensive Security … reviews, and vulnerability assessments. Expert knowledge of OWASP Top 10, web application and API security, and common vulnerability classes with practical remediation strategies. Hands-on experience with AppSec tooling (SAST, DAST, SCA) integrated into CI/CD pipelines. Strong programming and scripting skills (Python preferred) and ability to influence secure coding practices. Proven ability to lead incident response More ❯

Job Title: WAF & Application Security SME Location: Birmingham (Hybrid - 60% office/40% home, 3 days in the office mandatory) Salary/Rate: £480 Per Day - Inside IR35 Start Date: 15/09/2025 End Date: 15/09/2026 Job Type: Contract Company Introduction We have an exciting opportunity for a skilled Web Application Firewall (WAF) & Application Security Subject Matter Expert to join a high-profile programme. This role is pivotal in enhancing and tuning WAF solutions across a variety of applications to improve security posture and protect against advanced web-based threats. Job Responsibilities/Objectives You will be responsible for designing, testing, tuning, and implementing advanced WAF configurations … WAF management, tuning, and engineering, with a strong understanding of web application security principles. Proven ability to proactively identify and mitigate false positives. Background in SOC, CSIRT, AppSec, or Ethical Hacking with hands-on log analysis experience. Proficiency in analysing traffic patterns using tools such as Splunk, Wireshark, or custom scripts. Experience working with at least three major More ❯

everybody for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 The role of Cyber Security Consultant sits within the Cyber Security team in Three UK, which is responsible for providing subject matter expertise and guidance to business units across Three's Network and … policy and standards. In this role you will have a broad and challenging remit, you will therefore need to be flexible and agile in your approach, switching between different security disciplines within the team as necessary. You will be engaging in the delivery of multiple business initiatives by introducing baseline and enhanced security requirements and supporting their implementation … through guidance and advice. You will also be recommending security solutions and then providing design input and technical approvals, assurances, and governance of deliveries that the project carries out with our colleagues and partners. Within the Security team itself you will be expected to collaborate with the wider team and security colleagues providing technical support and guidance More ❯

Security Development & Test Director 6 Months Hybrid - Birmingham 2 days per week on site £800 per day (Inside IR35) We are currently recruiting for a dynamic Security Development and Test Director to join our growing Security team. This is a great opportunity for you to play a pivotal role in helping to shape our client's transformation … journeys. *** Please note - The selected candidate must be eligible for UK Security Clearance *** The Security Development and Test Director is responsible for overseeing the secure software development lifecycle, security testing, and DevSecOps practices at both strategic and operational levels. The role ensures the effectiveness of security practices in software development, manages security testing, drives operational … maturity improvements, and oversees secure coding practices. Operating at SFIA Level 6, the role requires the initiation, definition, and oversight of high-impact security development and testing activities. The Director is responsible for aligning security initiatives with business objectives and ensuring the organisation's resilience against evolving threats. Using your background in managing complex development and testing programs More ❯

source solutions, and embracing enterprise agile methodology. We encourage professional development to ensure you bring innovative ideas to our products while satisfying your own intellectual curiosity. Our Global Information Security team's mission is to ensure the development, implementation, and management of a comprehensive program that effectively protects the confidentiality, integrity, and availability of Point72 information assets. Our team … is comprised of security professionals with expertise in a diverse portfolio of security disciplines. What you'll do Collaborate with the DevOps team to design, implement, and manage a robust DevSecOps framework for our software development pipeline, integrating security tools and processes into our CI/CD workflows to enhance the developer experience Champion a security-first mindset within the development team, promoting secure coding practices and providing guidance on secure development methodologies Create security focused DevSecOps policies and standards and provide training and awareness to the development team Develop Key Risk Indicators (KRIs) to track security posture across business lines, measure progress and identify outliers Implement and manage security testing tools More ❯

cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning and configuration recommendations. The ideal candidate will have experience in SOC or CSIRT and AppSec or Ethical Hacking for in-depth log analysis and have previously worked with at least three major WAF vendors such as Akamai, F5, AWS, GCP, etc. The successful candidate will … SOC/Threat/Forensics or CSIRT backgrounds - very experienced with analysing security logs to quickly ascertain TP/FP conviction and the techniques to except Ideally some AppSec/DevSecOps or Ethical Hacking experience - with a good understanding of Web Application attacks and security; they must be familiar with the OWASP Top 10 If they have … strong understanding of web application security principles. Proven track record of proactively identifying and mitigating false positives to optimize WAF performance. Background in SOC or CSIRT and AppSec or Ethical Hacking, demonstrating hands-on experience for the key responsibilities. Proficiency in log analysis tools and techniques, with the ability to identify patterns and anomalies in web traffic. Experience More ❯

source of analysis on international business and world affairs. We deliver our information through a range of formats, from newspapers and magazines to conferences and electronic services. The Information Security team operates the Information Security Program and is responsible for the standard of information security across the Group. We define and implement our security strategy and … our brands. We work with business units to ensure that the confidentiality, integrity and availability risks that they are exposed to are clearly understood and appropriately managed. The Cyber Security Analyst is a member of the Information Security team and helps us maintain the security of our cloud infrastructure. As an Analyst, you will be responsible for … monitoring, analysing, and identifying potential security threats to our cloud-based systems. You will work closely with other IT teams to ensure the confidentiality, integrity, and availability of our cloud-based data. Monitor and analyse cloud infrastructure security logs to identify potential security threats and vulnerabilities. Develop and implement security policies, procedures, and standards for cloud More ❯

Senior Security SA, Thailand, Security SA, APJ Do you have the passion for helping customers and partners design and create robust security architectures to address their enterprise risk management requirements using cloud computing? Do you enjoy helping customers become more secure across their workloads and assisting them meet compliance accreditation? Would you like to do this using … with the communication, consulting, and leadership skills to help guide major projects to success? The AWS Solutions Architecture team is hiring! Come join the team as a Solutions Architect - Security, within Amazon Web Services (AWS) ASEAN team based in Singapore. In this role, you will deliver architecture guidance, lead proof-of-concept projects and conduct customer workshops. You will … also drive collaboration with customers and partners to address security as well as compliance challenges. Your broad responsibilities will include: owning the technical engagement and ultimate success around specific implementation projects, working cross-organizationally to facilitate widespread use and adoption of the AWS platform, and developing a deep expertise in the AWS security technologies as well as broad More ❯

what makes you unique! Our global customer base is exploding and we need your skills to support us on this exciting journey! Don't look back and submit your application before the opportunity passes you by Job title: Senior Security Engineer Department: Information Security Reporting to: Information Security Manager Who we are We're part of … on a mission to create extraordinary experiences for our customers, and we believe that your unique skills, passion and superdrive will help us achieve our vision. As a Senior Security Engineer you'll be supporting the delivery of information security operations, covering but not limited to company policies, data loss prevention, access protection, incident response and investigation, vulnerability … and compliant systems as well as the confidentiality, integrity and availability of information across the business to stay ahead of the game. What you'll be doing Our Information Security team is on a mission: protect and serve. We use the latest technologies to detect and remove any threats to our data, while serving the best interests of the More ❯

Principal Responsibilities • Collaborate with technical and business teams to address security flaws and implement remediation plans. • Oversee application security tasks, ensuring alignment with audit requirements and internal policies. • Support change and incident management processes, with a focus on high-priority incidents (P1 & P2). • Provide guidance to development and support teams on security-related ticket requirements … to ensure clear communication and quality engagements. • Support governance and administrative functions, including audit preparation and policy development. • Compile and deliver regular reports, including weekly, monthly, and OSM-specific security metrics. Required Key Skills (Functional/Technical) Application Security & Vulnerability Management • Familiarity with Common Vulnerability Scoring System (CVSS) • Experience with tools like OWASP ZAP, Veracode, Rapid7 (on … and CSPM) • Track and assist in the closure of identified vulnerabilities, working closely with IT and Development teams • Review and maintain secure configurations for systems, applications, and network devices Security Fundamentals • Working knowledge of encryption, authentication, and secure data transmission • Knowledge of network security principles and firewall configurations • Familiarity with SSO and MFA using OKTA, and directory services More ❯