1 to 25 of 126 Secure Coding Jobs in England

at both strategic and operational levels. The role ensures the effectiveness of security practices in software development, manages security testing, drives operational maturity improvements, and oversees secure coding practices. Operating at SFIA Level 6, the role requires the initiation, definition, and oversight of high-impact security development and testing activities. The Director is responsible for aligning security … modelling and secure design practices, ensuring development teams proactively identify and mitigate risks during the design phase. o Mentor and upskill engineering teams on secure coding, architectural risk assessment, and DevSecOps principles to build a culture of shared security ownership. Key Performance Indicators (KPIs) * Secure Architecture Compliance Rate: Percentage of projects that meet … e.g., SAST, DAST, SCA) across development teams, measured by scan frequency and issue resolution rates. * Training and Awareness Uptake: Percentage of development and QA staff completing secure coding and DevSecOps training programs. * Audit and Compliance Pass Rate: Success rate in internal and external audits related to secure development practices and testing controls. * Innovation and Automation More ❯

implement secure software development practices Integrate security gates into CI/CD pipelines following DevSecOps principles Establish security quality gates and acceptance criteria Develop secure coding standards based on OWASP guidelines Create security architecture patterns and reference implementations Security Code Reviews & Testing Conduct in-depth security code reviews for critical features Implement automated security testing … security linters and pre-commit hooks Create automated vulnerability tracking and remediation workflows Implement secret scanning and dependency checking Build security dashboards and metrics reporting Create secure coding guidelines for different technology stacks Develop a security champions program aligned with OWASP SAMM Conduct security training on platform-specific vulnerabilities Provide hands-on guidance during security incidents Build … years of application security experience Deep understanding of security vulnerabilities across web and mobile platforms Hands-on experience with security testing tools and methodologies Expertise in secure coding practices and design patterns Experience with modern development frameworks (React, Angular, ReactNative, Flutter) Security Domain Knowledge Expert knowledge of OWASP standards (Top 10, ASVS, SAMM, MASVS) Understanding of cryptographic More ❯

proactive Application Security Engineer to embed secure development practices across its software delivery lifecycle. This role is critical in reducing application-layer risks, implementing secure coding standards, and ensuring that threat modelling and architecture reviews are consistently applied across all development efforts. You will work closely with engineering, and platform teams to integrate security into … ISO 27001, FCA, and NIST standards. Contribute to audit readiness and support compliance automation platforms such as Drata Collaboration & Training Work with engineering teams to promote secure coding practices. Support the rollout of role-based security training and awareness initiatives. Act as a security champion within development squads and mentor junior engineers. Requirements Broad experience in application … security or secure software development. Strong understanding of OWASP Top 10, secure coding techniques, and threat modelling. Experience with security tools such as SAST, DAST, SCA, and vulnerability scanners. Familiarity with cloud platforms (Azure or AWS), CI/CD pipelines, and DevOps practices. Knowledge of regulatory frameworks (ISO 27001, FCA, NIST). Excellent communication skills More ❯

editorial standards, but also on the security, reliability and resilience of the systems behind every stream, story and service. In Engineering Enablement , we're the team that makes secure, high-velocity delivery possible. We build shared cloud platforms, developer tooling and guardrails that let hundreds of product teams ship confidently and sustainably. We're hiring a Principal Software … across the BBC. You'll work hands-on with engineering teams, applying InfoSec-led policies and architecture in delivery contexts. You'll support threat modelling, promote secure coding practices, and help scale Secure SDLC across the organisation - without reinventing governance or duplicating policy. It's a high-trust role with real impact: translating strategic security … security policy and architectural guidance. Promote secure SDLC practices across engineering teams, collaborating with InfoSec on shared tooling, templates and enablement. Help teams adopt secure coding standards and integrate automated security checks (SAST, DAST, dependency scanning) into CI/CD pipelines. Participate in threat modelling using InfoSec-led methodologies and coordinate validation and review workflows. More ❯

websites to meet the highest security standards. Your expertise will help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our … well-considered recommendations to management. Development of Security Standards: Develop and maintain best practices and security standards for the organisation, guiding teams in the implementation of secure coding practices. Secure Design: Collaborate with development teams to ensure that web and mobile front-ends, as well as microservice architectures, are designed with robust security measures in … or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ), Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2), Working knowledge of More ❯

In this key role, you will be a key contributor to Funding Circle's cloud and application security posture. You will leverage your deep expertise in AWS security, secure software development lifecycle (SSDLC) practices, and CI/CD security to implement and champion robust security solutions. You will act as a subject matter expert and mentor, collaborating closely … as fast, hassle free processes to deliver an unbeatable customer experience. The role Define, champion, and embed secure software development lifecycle (SSDLC) practices and secure coding standards across engineering teams through collaboration, training, and tooling. Architect, build, and maintain automated security controls, tooling, and "security rails" within CI/CD pipelines to ensure secure … CI, Jenkins, GitHub Actions). Strong track record of defining, implementing, measuring, and supporting the adoption of secure software development lifecycle (SSDLC) practices and secure coding standards within engineering organizations. Strong understanding of web application security vulnerabilities (OWASP Top 10 and beyond), attack vectors, and mitigation techniques. Significant experience securing Infrastructure as Code (IaC) , particularly More ❯

Mentor and guide junior engineers, fostering continuous learning and growth Stay updated on industry trends and emerging technologies, contributing to internal tech communities Ensure adherence to secure coding standards to protect sensitive data and reduce vulnerabilities Develop and maintain robust unit tests to guarantee software reliability and maintainability Drive architectural decisions and long-term technology strategy aligned … to engage technical and non-technical stakeholders alike Confidence in navigating, integrating, and developing solutions across multiple systems Solid understanding of software architecture, design patterns, and secure coding best practices Hands-on experience with cloud platforms (AWS, Azure, Google Cloud) and CI/CD pipelines is a plus Familiarity with SQL/NoSQL databases and version control More ❯

our products. You will play a important role in safeguarding all digital channels that collectively generate billions of pounds in annual ticket sales, ensuring that our systems stay secure, resilient, and innovative in the face of evolving threats. As a Senior Product Security Engineer at Trainline, you will be responsible for Security in the Development Lifecycle : Drive the … are mitigated effectively and implement permanent fixes to prevent reoccurrence. Training and Security Advocacy : Develop and deliver training programs to enhance the organisation's understanding of secure coding and deployment practices. Serve as a security mentor and advocate, fostering a culture of security awareness across engineering and business teams. Compliance and Standards : Ensure product security practices align … risks in application designs, code, and deployed products. Experience managing and using security testing tools such as SAST, DAST, and vulnerability scanning solutions. Strong grasp of secure coding practices and proficiency in integrating security into the Software Development Lifecycle (SDLC). Technical Knowledge and Implementation experience: Direct experience with threat modelling, security reviews, and penetration testing. Proven More ❯

WTW. This is a global function, supporting all WTW colleagues. An experienced candidate will be responsible for bringing technical Cybersecurity training skills, such as DevSecOps, Network, Cloud and Secure Code training, to the EAC team - helping to expand and elevate our Cybersecurity culture. The candidate will be a part of a mission-driven team, focused on continuous learning … via E-learning modules, to WTW's technology community Creating and managing educational events such as tournaments and hackathons to facilitate learning and adopt new techniques in a secure way Creating a community environment to facilitate the sharing of threat landscapes, TTPs, and other intelligence Delivering a global Cybersecurity cultural awareness uplift to colleagues across the technology community … the Education, Awareness and Communication team to ensure deliverables are met The Requirements: Skills: Experience in creating and delivering technical Cybersecurity training such as DevSecOps and Secure Coding Strong understanding of Security principles and technologies; Network security, Information Security, Firewalls, Endpoint Detection, Cloud security Strong understanding of secure coding practices such as OWASP top More ❯

with cross-functional teams to define technical requirements and translate business goals into elegant technical solutions. Drive code quality through reviews, unit testing, and adherence to secure coding standards. Contribute to architectural decisions and help set engineering direction across teams. Mentor and support junior engineers, promoting a culture of excellence and continuous learning. Stay informed on emerging … history demonstrating stability, technical growth, and progression. Preferred Skills & Experience: Experience with cloud platforms such as AWS, Azure, or GCP. Familiarity with CI/CD pipelines, secure coding, and performance optimisation. Proficiency with relational and NoSQL databases. Exposure to large-scale, enterprise environments, with a mindset for innovation and change. Senior Software Engineer Key Benefits: Competitive salary More ❯

Protect Granola's technology and users by building secure systems and fostering security culture We're looking for a security engineer who is passionate about application security to help us protect our users and build trust as we scale. In this role, you will be responsible for identifying and mitigating security vulnerabilities within Granola's applications, building security … to identify vulnerabilities in our applications Design and implement security tools, frameworks, and methodologies to protect against security threats Work closely with development teams to ensure secure coding practices are integrated throughout the SDLC Perform threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies Track, analyze, and manage vulnerabilities in applications, providing … threats, vulnerabilities, and technologies to enhance our security posture Your background looks something like: Extensive experience in application security, cybersecurity, or related fields Strong understanding of secure coding practices, threat modeling, risk assessments, and incident response Proficiency in programming languages such as TypeScript, Python, or similar Experience with security tools, security protocols, encryption methods, and application security More ❯

UK SC clearance Are you ready to lead a high-impact security development and testing function? We’re looking for a Security Development and Test Director to oversee secure software development lifecycle, DevSecOps integration, and security testing at scale within a fast-growing security team. This is a unique opportunity to drive operational excellence and shape secure … Drive secure architecture standards and embed security controls into DevOps pipelines Oversee implementation and optimisation of security tooling (SAST, DAST, SCA, container security) Champion secure coding, threat modelling, and DevSecOps maturity improvements Manage budgets, profitability, and resource utilisation for your function Mentor and develop high-performing engineering and testing teams Key Responsibilities Support sales with … technical expertise and solution design Own service delivery quality and client satisfaction Define and enforce secure architecture and coding standards Lead DevSecOps integration with automated security testing in CI/CD Drive continuous process improvements and automation adoption Monitor and report on KPIs like vulnerability remediation, tool adoption, and training uptake Collaborate cross-functionally with architects, engineers More ❯

UK SC clearance Are you ready to lead a high-impact security development and testing function? We’re looking for a Security Development and Test Director to oversee secure software development lifecycle, DevSecOps integration, and security testing at scale within a fast-growing security team. This is a unique opportunity to drive operational excellence and shape secure … Drive secure architecture standards and embed security controls into DevOps pipelines Oversee implementation and optimisation of security tooling (SAST, DAST, SCA, container security) Champion secure coding, threat modelling, and DevSecOps maturity improvements Manage budgets, profitability, and resource utilisation for your function Mentor and develop high-performing engineering and testing teams Key Responsibilities Support sales with … technical expertise and solution design Own service delivery quality and client satisfaction Define and enforce secure architecture and coding standards Lead DevSecOps integration with automated security testing in CI/CD Drive continuous process improvements and automation adoption Monitor and report on KPIs like vulnerability remediation, tool adoption, and training uptake Collaborate cross-functionally with architects, engineers More ❯

development, and turning these into workable new web based and software solutions. You will work across the full suite of digital activity, so you need to be competent in coding using PHP 8.4, HTML 5, CSS 3 and JavaScript as a core skillset, and be able to create websites compatible with all browsers, platforms and responsive to the full … to manage projects from concept through to go live. Additional technical skills youll understand include; Git, JQuery, Ajax, and MySQL/Maria databases. With a team focus on secure software development, you … will follow best practices to ensure that both new and existing code is secure and maintainable, following best practices for secure design, secure coding, security testing, and vulnerability management. Key skills a successful applicant must demonstrate A deep understanding and knowledge of WordPress from theme and plugin development Core skill set of PHP More ❯

sustained, aggressive growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008. We're seeking a Product Security Engineer to support secure development across our engineering teams. In this hands-on role, you'll help identify and mitigate product risks by participating in security reviews, improving tooling, and supporting vulnerability remediation. … a global team in a dynamic, fast-paced environment. Collaboration across time zones and geographies is a key part of our culture and success. How will you contribute? Secure SDLC Integration: Embed security within the software development lifecycle, ensuring security is considered at every phase-from design to deployment. Threat Modeling & Security Design Reviews: Conduct structured threat modeling … will you bring? 7+ years of experience in Product Security, Application Security, or a related security engineering role. Deep expertise in secure software development, secure coding practices, and OWASP Top 10/CWE 25. Strong technical proficiency in modern programming languages (e.g., Python, Java, JavaScript, Go, or C#). Experience with cloud-native security (AWS More ❯

or Cambridge Salary: £70,000 - £120,000 (depending on experience and clearance) We are looking for a Full Stack Developer to join a growing public sector team delivering secure, high-impact digital services across Defence & Security. This is a unique opportunity to use your development expertise to help solve real-world challenges for government and national security clients. … collaborative and supportive engineering team, working alongside technical leads, project managers, and stakeholders to deliver robust and scalable solutions. What you'll be doing: Designing, developing and deploying secure, high-performing web applications for government clients Working across the full software development lifecycle, from requirements through to production Building responsive user … interfaces using modern front-end technologies Developing scalable server-side functionality with appropriate frameworks and languages Creating and maintaining RESTful APIs for integration across platforms Following secure coding practices and supporting compliance with government security standards Conducting security reviews and supporting remediation of vulnerabilities Translating technical requirements into delivery plans and code Communicating effectively with both technical More ❯

or Cambridge Salary: £70,000 - £120,000 (depending on experience and clearance) We are looking for a Full Stack Developer to join a growing public sector team delivering secure, high-impact digital services across Defence & Security. This is a unique opportunity to use your development expertise to help solve real-world challenges for government and national security clients. … collaborative and supportive engineering team, working alongside technical leads, project managers, and stakeholders to deliver robust and scalable solutions. What you'll be doing: Designing, developing and deploying secure, high-performing web applications for government clients Working across the full software development lifecycle, from requirements through to production Building responsive user … interfaces using modern front-end technologies Developing scalable server-side functionality with appropriate frameworks and languages Creating and maintaining RESTful APIs for integration across platforms Following secure coding practices and supporting compliance with government security standards Conducting security reviews and supporting remediation of vulnerabilities Translating technical requirements into delivery plans and code Communicating effectively with both technical More ❯

integrating security tools and processes into our CI/CD workflows to enhance the developer experience Champion a security-first mindset within the development team, promoting secure coding practices and providing guidance on secure development methodologies Create security focused DevSecOps policies and standards and provide training and awareness to the development team Develop Key Risk More ❯

execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and … Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to development teams on secure software production practices and flaw mitigation … strategies. Key Requirements: Essential: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Proficiency in programming languages such as More ❯

DevOps Engineer leads the design and implementation of advanced DevOps practices and infrastructure solutions. They mentor other DevOps Engineers and collaborate with technical teams to deliver highly automated, secure, and scalable platforms that support software delivery at pace. Key Responsibilities: Take an active role in defining and delivering platform improvement initiatives that enhance reliability, scalability, and developer experience. … decision-making and prioritisation. Lead the design, development, and optimisation of advanced CI/CD pipelines that meet the evolving needs of multiple development teams. Ensure pipelines are secure, efficient, and reliable, and promote automation of testing, security checks, and deployment across environments. Provide technical leadership in implementing and maintaining infrastructure as code solutions using Terraform, Ansible, and … into CI/CD pipelines, ensuring that security is embedded throughout the software delivery lifecycle. Collaborate with security and compliance teams to manage vulnerabilities and enforce secure coding and deployment practices. Lead technical risk assessments to evaluate platform and pipeline vulnerabilities. Support internal and external audits, ensuring that systems and processes meet regulatory, security, and organisational compliance More ❯

Stack Engineer, you will be instrumental in developing cloud-native platforms and modern web applications. You will collaborate closely with multidisciplinary teams and clients to design and build secure, scalable solutions using the latest tools in JavaScript, cloud, and DevOps technologies. Key Responsibilities: Develop RESTful microservices with Node.js Build responsive front-end applications using JavaScript/TypeScript with … as Code tools such as Terraform Knowledge of NoSQL databases (e.g., MongoDB) and SQL databases (e.g., Postgres) Understanding of accessibility standards, web development best practices, and secure coding principles Bonus Skills: Experience building microservices in languages such as C# or Java Integration experience with large language models using tools like LangChain or Vercel AI Familiarity with the More ❯

a Lead Software Security Engineer to take our product security program to the next level. This is a high-impact, hands-on role where you'll guide the secure design and development of distributed systems, shape engineering and product roadmaps, and foster a security-first mindset across teams. WHAT YOU'LL DO Be a Security Champion Be a … trusted advisor and advocate for security across the development lifecycle, influencing architecture, design and implementation decisions. Embed secure development practices into day-to-day workflows across engineering teams. Own the vulnerability management lifecycle: from discovery and triage to remediation tracking and coordinated disclosure. Build Secure Products by Design Conduct threat models, security architecture reviews and risk … strong understanding of security principles and engineering realities. Must-Have Experience Proven experience in application and product security, including secure design, threat modeling and secure coding practices. Strong knowledge of security issues in modern software stacks, such as Java, distributed systems, microservices, containers, etc. Experience integrating security tools into development pipelines (eg. static/dynamic More ❯

tech providers, they're redefining how enterprise-grade security is built, deployed, and continuously improved. They're now seeking a Security Development and Test Director to lead their secure software engineering function, drive DevSecOps maturity, and embed security across the development lifecycle. This is a client-facing, commercially strategic position – ideal for a security leader who thrives at … the intersection of technical delivery and business growth. Why join? Shape and scale a modern secure-by-design function in a high-growth global firm Strategic autonomy to influence architecture standards, DevSecOps integration, and engineering culture Engage directly with major enterprise clients and shape security roadmaps that matter Be part of a company recognised for its DEI leadership … CI/CD workflows Owning security tooling strategy (SAST, DAST, SCA, container scanning) and driving adoption across development pipelines Building and mentoring high-performing teams in secure coding, DevSecOps, and threat modelling Leading engagements with major clients during pre-sales, delivery and review phases Managing financials, resource planning, and service maturity across the Secure SDLC More ❯

tech providers, they're redefining how enterprise-grade security is built, deployed, and continuously improved. They're now seeking a Security Development and Test Director to lead their secure software engineering function, drive DevSecOps maturity, and embed security across the development lifecycle. This is a client-facing, commercially strategic position - ideal for a security leader who thrives at … the intersection of technical delivery and business growth. Why join? Shape and scale a modern secure-by-design function in a high-growth global firm Strategic autonomy to influence architecture standards, DevSecOps integration, and engineering culture Engage directly with major enterprise clients and shape security roadmaps that matter Be part of a company recognised for its DEI leadership … CI/CD workflows Owning security tooling strategy (SAST, DAST, SCA, container scanning) and driving adoption across development pipelines Building and mentoring high-performing teams in secure coding, DevSecOps, and threat modelling Leading engagements with major clients during pre-sales, delivery and review phases Managing financials, resource planning, and service maturity across the Secure SDLC More ❯

execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and … Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to development teams on secure software production practices and flaw … mitigation strategies. Key Requirements: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Familiarity with Agile methodologies like SCRUM More ❯