1 to 25 of 122 Application Security Jobs in London

The Role Embed security best practices within the SDLC, collaborating with developers to ensure secure coding. Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications. Perform application security testing (SAST, DAST) and manual security code reviews. Implement and manage security tools such as SAST, DAST, SCA, and CI/… CD security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing … or software security engineering. Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET). Hands-on experience with SAST, DAST, SCA and security automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE More ❯

The Role Embed security best practices within the SDLC, collaborating with developers to ensure secure coding. Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications. Perform application security testing (SAST, DAST) and manual security code reviews. Implement and manage security tools such as SAST, DAST, SCA, and CI/… CD security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing … or software security engineering. Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET). Hands-on experience with SAST, DAST, SCA and security automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE More ❯

The Role Embed security best practices within the SDLC, collaborating with developers to ensure secure coding. Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications. Perform application security testing (SAST, DAST) and manual security code reviews. Implement and manage security tools such as SAST, DAST, SCA, and CI/… CD security integrations. Investigate security incidents, prioritise remediation and guide teams on secure development practices. Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.) Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices. Skills 5+ years of experience in application security, penetration testing … or software security engineering. Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET). Hands-on experience with SAST, DAST, SCA and security automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE More ❯

identify and draw attention to opportunities for enhancing our delivery and providing additional services to organisations we work with. We are seeking a highly motivated and experienced Lead Software Security Engineer to join our team. You will have a strong background in software development, security, and operations. This role is required to support the Digital Product Management team … in embedding security requirements and best practices into new Digital Products and Services. You will work closely with the Digital Product Management and IT Security teams to establish and build the right security controls and quality state gates across the product lifecycle. This includes security tooling to manage these controls. In this busy and rewarding role … you'll also: Collaborate with software development teams to integrate security into the development lifecycle Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends More ❯

Cyber Security Architect (Must hold current active SC Clearance) The Company: At Amber Labs, we are a cutting-edge UK and European technology consultancy that prioritises empowering autonomy, promoting experimentation, and facilitating rapid learning to provide exceptional value to our clients. Our company culture is centred around collaboration, where all colleagues, regardless of their role, work together to minimise … risk and shorten delivery times. Our team consists of highly-skilled cross-functional consultants, analysts, and support staff. Job Overview: We are seeking an experienced Cyber Security Architect with active security clearance to lead the development, design, and implementation of security solutions across various projects. The successful candidate will be responsible for ensuring that robust and effective … security measures are in place to safeguard critical infrastructure, sensitive data, and applications. Key Responsibilities: Security Strategy and Architecture: Develop and implement security strategies aligned with industry standards and best practices, ensuring all systems are secure by design. Risk Management: Assess risks, identify vulnerabilities, and create threat models for new and existing systems to prioritize security More ❯

Job Title: Application Security Architect Location: Remote (with twice a month in Leeds Office) Duration: 6 months - End date 21/12/2025 (Possible extension) Engagement: Inside IR35 - Via Umbrella Day rate: £800 Per day We’re looking for an experienced Application Security Architect to a Global Healthcare client of ours on a contract basis. … a pivotal role in shaping and securing the design and development of key applications across their technology estate. Key Responsibilities Collaborate with engineering and architecture teams to define technical security requirements and ensure cohesive, secure solutions. Lead on the resolution of high-priority and complex security incidents. Advise senior leadership on risk management strategies and mitigation plans. Oversee … security for a portfolio of applications/projects from inception through delivery. Ensure security controls are effectively embedded throughout the SDLC. Maintain up-to-date InfoSec policies and technical security standards. Conduct vulnerability assessments, threat modelling, and architecture reviews. What You’ll Bring Strong ability to translate technical risk into clear, actionable business terms. Hands-on experience More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data. Security Automation: Automate security processes and procedures to enhance efficiency and effectiveness, reducing the risk of human error. Security Requirements and Solutions: Identify, define, and document system security requirements, providing well-considered recommendations to management. Development of More ❯

global leader in cloud-based treasury solutions, empowering investment firms with cutting-edge technology to optimize financial performance, enhance liquidity, and mitigate risk. As part of our commitment to security and innovation, we are expanding our Information Security Team and seeking a DevSecOps Engineer to drive security automation and best practices across our cloud infrastructure and IT … operations. Job Overview As a DevSecOps Engineer, you will play a pivotal role in integrating security practices into our DevOps pipeline and IT operations. Working at the intersection of operations, security, and development, you will collaborate closely with internal teams to safeguard critical business operations by design and default. You will be responsible for security automation, CI …/CD pipeline enhancements, and cloud security management, ensuring compliance with industry standards. Key Responsibilities Security & DevOps Integration: Support and extend the secured CI/CD pipeline to enhance development security. Work with development teams to optimize infrastructure security. Cloud & Infrastructure Security: Maintain and secure AWS cloud infrastructure for clients and internal operations. Automate AWS infrastructure builds More ❯

global leader in cloud-based treasury solutions, empowering investment firms with cutting-edge technology to optimize financial performance, enhance liquidity, and mitigate risk. As part of our commitment to security and innovation, we are expanding our Information Security Team and seeking a DevSecOps Engineer to drive security automation and best practices across our cloud infrastructure and IT … operations. Job Overview As a DevSecOps Engineer, you will play a pivotal role in integrating security practices into our DevOps pipeline and IT operations. Working at the intersection of operations, security, and development, you will collaborate closely with internal teams to safeguard critical business operations by design and default. You will be responsible for security automation, CI …/CD pipeline enhancements, and cloud security management, ensuring compliance with industry standards. Key Responsibilities Security & DevOps Integration: Support and extend the secured CI/CD pipeline to enhance development security. Work with development teams to optimize infrastructure security. Cloud & Infrastructure Security: Maintain and secure AWS cloud infrastructure for clients and internal operations. Automate AWS infrastructure builds More ❯

Are you passionate about Cyber Security and Enterprise Architecture? Do you have senior-level experience as a Cyber Security Professional? Join us to shape the security technology and tooling strategy for HMRC and influence the UK Public Sector. Enjoy a healthy work/life balance while making a significant impact. HMRC are now one of the most … IT Landscape across Multi-Hybrid Cloud Platform. Working in one of the most complex infrastructures across Europe with significant investment and over 1000 changes monthly impacting over 600 services. Security Modernisation is critical to this initiative and our collective success. Now is a great time to join us as we establish a team of outstanding people in the fields … of Security Architecture, Risk Assessment and Testing who will create and run these new and improved technology services. This is a chance to work on services that matter and affect the lives of millions of citizens as well as delivering Government Security services directly across circa 400 Government Departments and Arms-Length Bodies (ALBs). Job description HMRC More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data. Security Automation: Automate security processes and procedures to enhance efficiency and effectiveness, reducing the risk of human error. Security Requirements and Solutions: Identify, define, and document system security requirements, providing well-considered recommendations to management. Development of More ❯

Cyber Security Engineer - London (Hybrid) - £700 per day inside IR35 - 4 months+ All applicants must hold … an active SC clearance. My client is on the hunt for a Cyber Security Engineer to join a central government client of theirs. You will be joining an AppSec team focused on building security automation into delivery pipelines and conducting security focused tests against digital services. Key Responsibilities Perform penetration testing and vulnerability assessments of web applications … APIs, and cloud infrastructure. Evaluate the automated security tooling into CI/CD pipelines (SAST, DAST, dependency checking, IaC etc), and make necessary recommendations. Collaborate with developers to remediate identified vulnerabilities and ensure secure code practices. Provide expert input on cloud security (AWS, Azure, or GCP) and DevSecOps tooling. Assist in maintaining security assurance across the SDLC More ❯

executing advanced penetration tests and vulnerability assessments across a diverse portfolio of applications. This is a hands-on, technical role where you'll actively identify, exploit, and help remediate security weaknesses in web, mobile, and cloud-based applications. You'll be at the forefront of defending against cyber threats by implementing cutting-edge security tools, collaborating with development … teams to integrate security into the SDLC, and playing a critical role in protecting the organisation's digital assets. The successful candidate will play a hands-on role in testing the security of applications, networks, and systems, while ensuring that security standards are integrated into the development process. Key Responsibilities: Penetration Testing & Vulnerability Assessment: Conduct and oversee … exploits. Analyse and prioritise vulnerabilities based on risk and provide detailed technical reports with recommended remediation steps for developers and system administrators. Keep up to date with the latest security vulnerabilities, exploits, and attack methodologies to ensure effective penetration testing. Security Risk Management: Develop and manage the organisation's vulnerability management program, ensuring compliance with internal policies and More ❯

Job Title: Senior Security Engineer Manager: CISO Department: Cyber Security Division: Enterprise Information Technology Services Location: London, Hybrid Main Purpose: The MDU is undertaking an exciting digital transformation programme and to support this the Cyber Security Team is looking to appoint a Senior Security Engineer. Working closely with delivery teams covering strategic and non-strategic change … this role will provide subject matter expertise to keep the MDU, its data and, its member safe from cyber security threats. The Senior Security Engineer will be responsible for the delivery of security technologies in a range of projects and will therefore: Have a strong cyber security engineering or professional services background with experience of delivering … both large-scale and small-scale projects to a high quality in a fast-paced environment. Have a good practical knowledge of both traditional security technologies and modern security tooling to allow support of both the existing and new environments during the digital transformation. Have a proven track record of working in cross functional teams to successfully deliver More ❯

As the sole expert in this position, you'll spearhead Cyber projects with plans to build your own team in 2025 The role combines two dynamic elements: Core IT Security: Leverage your deep technical expertise to maintain the security of our infrastructure, servers, and systems. From leading our Managed Security Service Providers (MSSPs), building a best-in … class Cyber training and awareness programme, and performing security audits on critical systems. Cybersecurity Governance: Implement governance and frameworks to embed security across the business, across IT, Engineering, and other business verticals, ensuring best-practice configurations become the norm. Your Mission As our Cybersecurity Lead, you will: Build and implement a DevSecOps framework to ensure our digital products … such as the Change Advisory Board (CAB). Manage penetration testing for customer-facing and internal systems, working with internal teams and external partners to implement remediations effectively. Cloud & Application Security Act as the go-to expert for securing Microsoft Azure, ensuring that cloud security requirements are integrated into all new systems and services. Drive application More ❯

Security Systems Engineer - DevSecOps - Remote - Amazing role - to £70,0000 + Bens Once in a life time opportunity to join a scaling up tech company who are disrupting the digital security sector. My customer are an incredibly innovative scaling up tech company who are looking to recruit a Security Systems Engineer with experience of DevSecOps, AWS, and … + health + share scheme + flexible working + 25 days holidays. Complete remote role with quarterly meet-ups and customer site visits. Position Overview: We are seeking a security systems engineer who combines strategic oversight with strong hands-on capabilities. This role is pivotal in shaping the overarching technical security posture of our organisation while actively integrating … security into our development and operational workflows. The ideal candidate will bridge the gap between high-level security strategy and practical implementation, ensuring that our systems are secure by design and that security is embedded throughout the software development lifecycle. This individual will ensure that both our strategic security objectives and operational practices align with compliance More ❯

culture of mutual trust, support and passion - while providing individuals with opportunities to grow professionally and make a difference in the world. Your Mission: As the Head of Information Security, you will be responsible for building and leading Hawk's information security program. You will develop and execute a comprehensive security strategy, manage a team of security … company in Germany and our affiliates and subsidiaries in USA, UK and Singapore. This leadership role requires a strong technical background, strategic thinking, and the ability to effectively communicate security concepts to both technical and non-technical audiences. Your Responsibilities: Provide leadership and direction to the InfoSec team, fostering a culture of collaboration, innovation, and continuous improvement. Develop, implement … and maintain the organization's information security strategy, policies, and procedures, aligning them with business objectives and risk tolerance. Oversee the maintenance and expansion of existing security certifications (ISO 27001, SOC 2) and drive initiatives for future certifications (e.g., ISO 22301, DORA). Direct regular security audits, risk assessments, and vulnerability analyses, ensuring that findings are addressed More ❯

Senior Cloud Security Engineer Department: Engineering Employment Type: Permanent - Full Time Location: London Reporting To: Sami Eltamawy Compensation: £80,000 - £90,000/year Description London, office-based Freetrade's mission is to become the default place to invest. Investing has been too complicated and expensive for too long, keeping millions from making the most of their savings. We … an even better experience for our customers. We're on a mission to build a secure, scalable, and resilient cloud infrastructure-and we're looking for a Senior Cloud Security Engineer to lead the way. In this foundational role, you'll architect and build our cloud security program from the ground up, helping to shape how we protect … our systems, services, and users in an ever-evolving digital landscape. You'll work closely with our DevOps and Platform teams to integrate security deeply into our development and deployment pipelines. This is your chance to define the standards, select the tools, and create the practices that will safeguard our cloud ecosystem now and into the future. If you More ❯

A great client of mine is hiring a Security-Focused Technical Consultant/Security Architect to join a highly regulated healthcare tech environment. You’ll work cross-functionally with engineering, architecture, and business teams to design secure solutions, manage risks, and ensure compliance across a portfolio of applications. Length: Initial 7 months with chance to extend or go … perm. IR35: Inside Work structure: Remote 🔐 Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective … security controls 🧠 Key Skills & Experience: 5+ years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and More ❯

A great client of mine is hiring a Security-Focused Technical Consultant/Security Architect to join a highly regulated healthcare tech environment. You’ll work cross-functionally with engineering, architecture, and business teams to design secure solutions, manage risks, and ensure compliance across a portfolio of applications. Length: Initial 7 months with chance to extend or go … perm. IR35: Inside Work structure: Remote 🔐 Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective … security controls 🧠 Key Skills & Experience: 5+ years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and More ❯

A great client of mine is hiring a Security-Focused Technical Consultant/Security Architect to join a highly regulated healthcare tech environment. You’ll work cross-functionally with engineering, architecture, and business teams to design secure solutions, manage risks, and ensure compliance across a portfolio of applications. Length: Initial 7 months with chance to extend or go … perm. IR35: Inside Work structure: Remote Key Responsibilities: Partner with engineering and architecture to define secure technical solutions Manage end-to-end project security across multiple applications Perform vulnerability testing, threat modelling, and risk assessments Maintain up-to-date security policies, standards, and best practices Communicate risks and mitigation strategies to senior stakeholders Translate business needs into effective … security controls Key Skills & Experience: 5+ years in security architecture or consulting in regulated environments Deep knowledge of secure SDLC, DevSecOps, cloud (Azure/AWS), and frameworks (OWASP, MITRE) Hands-on experience with vulnerability tools, threat modelling, and compliance (GDPR, HIPAA, PCI) Strong communication and stakeholder engagement skills Technical knowledge across .NET, Java, scripting (Python, PowerShell), APIs, and More ❯

Press space or enter keys to toggle section visibility Location London Job Type Full Time Posted Date 16-Jun-2025 Ref # 62659 We are seeking a Principal Security Engineer to lead and drive security engineering efforts across our cloud and application environments. This strategic, hands-on role requires expertise in cloud security, secure development practices … and the implementation of advanced security controls. You will serve as a leader within the Consumer Security Engineering team, driving security initiatives across cloud platforms, microservice architectures, digital products, application security, and enterprise security. You will define and build comprehensive security strategies in collaboration with developers, DevSecOps engineers, ensuring that security is seamlessly … integrated into our CI/CD pipelines and all layers of infrastructure. Additionally, you will supervise security tool management and ensure cyber resiliency for consumer applications. A deep understanding of Google Cloud Security, Application Security, API security, and customer security systems is crucial. Key Responsibilities: Design and Implement Security Strategy: Develop and implement More ❯

Fintech investors Breega and Element Ventures, as well as the founders of Zoopla, Funding Circle, Comply Advantage, Tessian, Fenergo and Fidel. The Role: You will be responsible for information security at Thirdfort, leveraging your expertise to help us live our Build on Trust company value. By improving the coverage and efficiency of our security controls, you will help … reduce our security risk whilst also allowing us to give best in class answers to clients, regulators and auditors about our security practices. You will report directly to the Head of Engineering. You will oversee critical security infrastructure and operations, automate security workflows, and work closely with technical and business stakeholders to ensure effective, efficient and … appropriate security controls are in place across all parts of the business. This is a great opportunity to across all aspects of security, and help shape how security is done at Thirdfort. Working in a fast paced, cloud native environment, you will be involved in everything from security operations to application security, cloud security More ❯

DevSecOps Engineer | Permanent | UK (Hybrid - once a month) | £85k We're working with a highly respected, forward-thinking professional services firm on a mission to embed security into every part of their digital transformation journey. This is a key hire within their growing tech function - they're looking for a DevSecOps/Lead Software Security Engineer to shape … its people, with a collaborative culture and real investment in development. They're agile, ambitious, and looking for someone who wants to play a hands-on role in moving security left - bringing DevSecOps to life and guiding engineering teams with confidence and clarity. What you'll be doing: Leading the cultural shift towards DevSecOps across multiple product teams Embedding … security requirements and tooling into the SDLC from the ground up Defining and implementing a product security strategy aligned with business goals Collaborating with developers to automate and streamline security testing Supporting pen test activity and guiding secure remediation efforts Serving as an internal SME on application and cloud security matters Keeping documentation, training, and More ❯

of risk management practices pertaining to the risk and controls of the technology assets and systems, adherence to policies, standards, and procedures. Risk assessment of the impact of changing application, infrastructure, and Cloud computing services on the Goldman Sachs technology portfolio. Coordination and key participation in the development of the evolving risk position of new technology and third-party … best practices. Develop and perform ongoing analysis of operational risk loss, near miss and external events to inform RCSA results, technology assessments and scenario analysis. Establishes and oversees the application of operational risk policies, technology and tools, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks. Working with colleagues … expected to contribute to the oversight of technology failure risks. Manage identified risks using firm's Operational Risk Management Framework. Conduct line of business-oriented risk assessment based on application, infrastructure, and platforms. Participate in key governance, steering groups and control forums. This role requires an energetic self-starter that can liaise with Engineering teams and business both regionally More ❯