1 to 25 of 80 Secure Coding Jobs in London

implement secure software development practices Integrate security gates into CI/CD pipelines following DevSecOps principles Establish security quality gates and acceptance criteria Develop secure coding standards based on OWASP guidelines Create security architecture patterns and reference implementations Security Code Reviews & Testing Conduct in-depth security code reviews for critical features Implement automated security testing … security linters and pre-commit hooks Create automated vulnerability tracking and remediation workflows Implement secret scanning and dependency checking Build security dashboards and metrics reporting Create secure coding guidelines for different technology stacks Develop a security champions program aligned with OWASP SAMM Conduct security training on platform-specific vulnerabilities Provide hands-on guidance during security incidents Build … years of application security experience Deep understanding of security vulnerabilities across web and mobile platforms Hands-on experience with security testing tools and methodologies Expertise in secure coding practices and design patterns Experience with modern development frameworks (React, Angular, ReactNative, Flutter) Security Domain Knowledge Expert knowledge of OWASP standards (Top 10, ASVS, SAMM, MASVS) Understanding of cryptographic More ❯

proactive Application Security Engineer to embed secure development practices across its software delivery lifecycle. This role is critical in reducing application-layer risks, implementing secure coding standards, and ensuring that threat modelling and architecture reviews are consistently applied across all development efforts. You will work closely with engineering, and platform teams to integrate security into … ISO 27001, FCA, and NIST standards. Contribute to audit readiness and support compliance automation platforms such as Drata Collaboration & Training Work with engineering teams to promote secure coding practices. Support the rollout of role-based security training and awareness initiatives. Act as a security champion within development squads and mentor junior engineers. Requirements Broad experience in application … security or secure software development. Strong understanding of OWASP Top 10, secure coding techniques, and threat modelling. Experience with security tools such as SAST, DAST, SCA, and vulnerability scanners. Familiarity with cloud platforms (Azure or AWS), CI/CD pipelines, and DevOps practices. Knowledge of regulatory frameworks (ISO 27001, FCA, NIST). Excellent communication skills More ❯

editorial standards, but also on the security, reliability and resilience of the systems behind every stream, story and service. In Engineering Enablement , we're the team that makes secure, high-velocity delivery possible. We build shared cloud platforms, developer tooling and guardrails that let hundreds of product teams ship confidently and sustainably. We're hiring a Principal Software … across the BBC. You'll work hands-on with engineering teams, applying InfoSec-led policies and architecture in delivery contexts. You'll support threat modelling, promote secure coding practices, and help scale Secure SDLC across the organisation - without reinventing governance or duplicating policy. It's a high-trust role with real impact: translating strategic security … security policy and architectural guidance. Promote secure SDLC practices across engineering teams, collaborating with InfoSec on shared tooling, templates and enablement. Help teams adopt secure coding standards and integrate automated security checks (SAST, DAST, dependency scanning) into CI/CD pipelines. Participate in threat modelling using InfoSec-led methodologies and coordinate validation and review workflows. More ❯

websites to meet the highest security standards. Your expertise will help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our … well-considered recommendations to management. Development of Security Standards: Develop and maintain best practices and security standards for the organisation, guiding teams in the implementation of secure coding practices. Secure Design: Collaborate with development teams to ensure that web and mobile front-ends, as well as microservice architectures, are designed with robust security measures in … or application security. You should also have a proven experience and knowledge with any combination of the following: Threat modelling and risk assessments, Working knowledge of secure coding principles (OWASP and OWASP mobile, SANS ), Experience with designing and administering identity management (authentication and authorisation including policy enforcement points, token services, protocols such as OAuth2), Working knowledge of More ❯

our products. You will play a important role in safeguarding all digital channels that collectively generate billions of pounds in annual ticket sales, ensuring that our systems stay secure, resilient, and innovative in the face of evolving threats. As a Senior Product Security Engineer at Trainline, you will be responsible for Security in the Development Lifecycle : Drive the … are mitigated effectively and implement permanent fixes to prevent reoccurrence. Training and Security Advocacy : Develop and deliver training programs to enhance the organisation's understanding of secure coding and deployment practices. Serve as a security mentor and advocate, fostering a culture of security awareness across engineering and business teams. Compliance and Standards : Ensure product security practices align … risks in application designs, code, and deployed products. Experience managing and using security testing tools such as SAST, DAST, and vulnerability scanning solutions. Strong grasp of secure coding practices and proficiency in integrating security into the Software Development Lifecycle (SDLC). Technical Knowledge and Implementation experience: Direct experience with threat modelling, security reviews, and penetration testing. Proven More ❯

using F-Sharp Enhance and refactor existing .NET codebases Collaborate with cross-functional teams to gather and analyse requirements Write clean, maintainable, and efficient code following secure-coding best practices Conduct code reviews and ensure adherence to standards Debug, troubleshoot and resolve software issues Participate actively in Agile ceremonies and continuous-learning initiatives Preferred Qualifications Bachelor's … or Master's degree in Computer Science, Engineering or related field Certifications in Microsoft technologies (eg, Azure Developer) Experience with secure coding practices and risk/control frameworks Exposure to data-science or advanced analytics patterns using F# If you are interested in this opportunity, please apply now with your updated CV in Microsoft Word/PDF More ❯

Protect Granola's technology and users by building secure systems and fostering security culture We're looking for a security engineer who is passionate about application security to help us protect our users and build trust as we scale. In this role, you will be responsible for identifying and mitigating security vulnerabilities within Granola's applications, building security … to identify vulnerabilities in our applications Design and implement security tools, frameworks, and methodologies to protect against security threats Work closely with development teams to ensure secure coding practices are integrated throughout the SDLC Perform threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies Track, analyze, and manage vulnerabilities in applications, providing … threats, vulnerabilities, and technologies to enhance our security posture Your background looks something like: Extensive experience in application security, cybersecurity, or related fields Strong understanding of secure coding practices, threat modeling, risk assessments, and incident response Proficiency in programming languages such as TypeScript, Python, or similar Experience with security tools, security protocols, encryption methods, and application security More ❯

UK SC clearance Are you ready to lead a high-impact security development and testing function? We’re looking for a Security Development and Test Director to oversee secure software development lifecycle, DevSecOps integration, and security testing at scale within a fast-growing security team. This is a unique opportunity to drive operational excellence and shape secure … Drive secure architecture standards and embed security controls into DevOps pipelines Oversee implementation and optimisation of security tooling (SAST, DAST, SCA, container security) Champion secure coding, threat modelling, and DevSecOps maturity improvements Manage budgets, profitability, and resource utilisation for your function Mentor and develop high-performing engineering and testing teams Key Responsibilities Support sales with … technical expertise and solution design Own service delivery quality and client satisfaction Define and enforce secure architecture and coding standards Lead DevSecOps integration with automated security testing in CI/CD Drive continuous process improvements and automation adoption Monitor and report on KPIs like vulnerability remediation, tool adoption, and training uptake Collaborate cross-functionally with architects, engineers More ❯

UK SC clearance Are you ready to lead a high-impact security development and testing function? We’re looking for a Security Development and Test Director to oversee secure software development lifecycle, DevSecOps integration, and security testing at scale within a fast-growing security team. This is a unique opportunity to drive operational excellence and shape secure … Drive secure architecture standards and embed security controls into DevOps pipelines Oversee implementation and optimisation of security tooling (SAST, DAST, SCA, container security) Champion secure coding, threat modelling, and DevSecOps maturity improvements Manage budgets, profitability, and resource utilisation for your function Mentor and develop high-performing engineering and testing teams Key Responsibilities Support sales with … technical expertise and solution design Own service delivery quality and client satisfaction Define and enforce secure architecture and coding standards Lead DevSecOps integration with automated security testing in CI/CD Drive continuous process improvements and automation adoption Monitor and report on KPIs like vulnerability remediation, tool adoption, and training uptake Collaborate cross-functionally with architects, engineers More ❯

sustained, aggressive growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008. We're seeking a Product Security Engineer to support secure development across our engineering teams. In this hands-on role, you'll help identify and mitigate product risks by participating in security reviews, improving tooling, and supporting vulnerability remediation. … a global team in a dynamic, fast-paced environment. Collaboration across time zones and geographies is a key part of our culture and success. How will you contribute? Secure SDLC Integration: Embed security within the software development lifecycle, ensuring security is considered at every phase-from design to deployment. Threat Modeling & Security Design Reviews: Conduct structured threat modeling … will you bring? 7+ years of experience in Product Security, Application Security, or a related security engineering role. Deep expertise in secure software development, secure coding practices, and OWASP Top 10/CWE 25. Strong technical proficiency in modern programming languages (e.g., Python, Java, JavaScript, Go, or C#). Experience with cloud-native security (AWS More ❯

or Cambridge Salary: £70,000 - £120,000 (depending on experience and clearance) We are looking for a Full Stack Developer to join a growing public sector team delivering secure, high-impact digital services across Defence & Security. This is a unique opportunity to use your development expertise to help solve real-world challenges for government and national security clients. … collaborative and supportive engineering team, working alongside technical leads, project managers, and stakeholders to deliver robust and scalable solutions. What you'll be doing: Designing, developing and deploying secure, high-performing web applications for government clients Working across the full software development lifecycle, from requirements through to production Building responsive user … interfaces using modern front-end technologies Developing scalable server-side functionality with appropriate frameworks and languages Creating and maintaining RESTful APIs for integration across platforms Following secure coding practices and supporting compliance with government security standards Conducting security reviews and supporting remediation of vulnerabilities Translating technical requirements into delivery plans and code Communicating effectively with both technical More ❯

or Cambridge Salary: £70,000 - £120,000 (depending on experience and clearance) We are looking for a Full Stack Developer to join a growing public sector team delivering secure, high-impact digital services across Defence & Security. This is a unique opportunity to use your development expertise to help solve real-world challenges for government and national security clients. … collaborative and supportive engineering team, working alongside technical leads, project managers, and stakeholders to deliver robust and scalable solutions. What you'll be doing: Designing, developing and deploying secure, high-performing web applications for government clients Working across the full software development lifecycle, from requirements through to production Building responsive user … interfaces using modern front-end technologies Developing scalable server-side functionality with appropriate frameworks and languages Creating and maintaining RESTful APIs for integration across platforms Following secure coding practices and supporting compliance with government security standards Conducting security reviews and supporting remediation of vulnerabilities Translating technical requirements into delivery plans and code Communicating effectively with both technical More ❯

integrating security tools and processes into our CI/CD workflows to enhance the developer experience Champion a security-first mindset within the development team, promoting secure coding practices and providing guidance on secure development methodologies Create security focused DevSecOps policies and standards and provide training and awareness to the development team Develop Key Risk More ❯

execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and … Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to development teams on secure software production practices and flaw mitigation … strategies. Key Requirements: Essential: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Proficiency in programming languages such as More ❯

sustained, aggressive growth has landed Smarsh in the annual Inc. 5000 list of fastest-growing American companies since 2008. We're seeking a Product Security Engineer to support secure development across our engineering teams. In this hands-on role, you'll help identify and mitigate product risks by participating in security reviews, improving tooling, and supporting vulnerability remediation. … a global team in a dynamic, fast-paced environment. Collaboration across time zones and geographies is a key part of our culture and success. How will you contribute? Secure SDLC Support : Assist in integrating security practices into the software development lifecycle, including design reviews and backlog grooming. Threat Modelling : Participate in structured threat modelling exercises with guidance from … developer guidance, and response runbooks. What will you bring? 4 years in security engineering, DevSecOps, application security, or related software engineering roles. Strong foundational knowledge of secure coding and OWASP Top 10 risks. Experience with at least one modern programming language (e.g., Python, Java, JavaScript, Go, or C#). Familiarity with cloud platforms (AWS, Azure, or GCP More ❯

Senior Backend Developer (Node.js/TypeScript) – London (Hybrid working applies) Are you an experienced backend developer with a passion for building secure, high-performance systems in the cloud? We're looking for a Senior Node.js Engineer to help shape the future of embedded commerce experiences.You’ll be part of a small, high-impact engineering team building cloud-native … Node.js, and AWS services like Lambda, API Gateway, and DynamoDB. Ensuring continued PCI DSS compliance across the full development lifecycle, including patching, error tracing, and applying secure coding practices. Designing secure, well-documented service interfaces and abstractions over external APIs used by our clients. Participating in Agile ceremonies, collaborating closely with engineering, infrastructure, and external … hands-on experience with TypeScript and Node.js for backend development. Deep understanding of AWS serverless technologies. Working knowledge of Infrastructure-as-Code tools. Strong background in RESTful API development, secure authentication mechanisms, and API integration best practices. Experience working in regulated environments such as PCI DSS, or within other compliance-heavy systems. Familiarity with frontend frameworks like React More ❯

Senior Backend Developer (Node.js/TypeScript) - London (Hybrid working applies) Are you an experienced Back End developer with a passion for building secure, high-performance systems in the cloud? We're looking for a Senior Node.js Engineer to help shape the future of Embedded commerce experiences. You'll be part of a small, high-impact engineering team building … and AWS services like Lambda, API Gateway, and DynamoDB. Ensuring continued PCI DSS compliance across the full development life cycle, including patching, error tracing, and applying secure coding practices. Designing secure, well-documented service interfaces and abstractions over external APIs used by our clients. Participating in Agile ceremonies, collaborating closely with engineering, infrastructure, and external … on experience with TypeScript and Node.js for Back End development. Deep understanding of AWS serverless technologies. Working knowledge of Infrastructure-as-Code tools. Strong background in RESTful API development, secure authentication mechanisms, and API integration best practices. Experience working in regulated environments such as PCI DSS, or within other compliance-heavy systems. Familiarity with Front End frameworks like More ❯

of industry technology trends and innovations and actively contribute to the organization's technology communities to foster a culture of technical excellence and growth. Adherence to secure coding practices to mitigate vulnerabilities, protect sensitive data, and ensure secure software solutions. Implementation of effective unit testing practices to ensure proper code design, readability, and reliability. Vice More ❯

a Lead Software Security Engineer to take our product security program to the next level. This is a high-impact, hands-on role where you'll guide the secure design and development of distributed systems, shape engineering and product roadmaps, and foster a security-first mindset across teams. WHAT YOU'LL DO Be a Security Champion Be a … trusted advisor and advocate for security across the development lifecycle, influencing architecture, design and implementation decisions. Embed secure development practices into day-to-day workflows across engineering teams. Own the vulnerability management lifecycle: from discovery and triage to remediation tracking and coordinated disclosure. Build Secure Products by Design Conduct threat models, security architecture reviews and risk … strong understanding of security principles and engineering realities. Must-Have Experience Proven experience in application and product security, including secure design, threat modeling and secure coding practices. Strong knowledge of security issues in modern software stacks, such as Java, distributed systems, microservices, containers, etc. Experience integrating security tools into development pipelines (eg. static/dynamic More ❯

closely with cross-functional teams to design, build, and implement new capabilities that enhance our service offerings. What You'll Work On Design and develop robust, scalable, and secure applications using Python and C# Leverage existing cloud-based technology to build and deploy applications that meet the needs of the card issuing market. Collaborate with Product Managers, UX … promoting best practices in software development. Troubleshoot, debug, and upgrade existing systems, ensuring high performance and responsiveness to requests. Participate in code reviews, contributing to the maintenance of high coding standards and improving the overall quality of the codebase. Technical Skills and Experience Needed Proven experience with cloud-based technology, and services, preferably within AWS. Expertise in both Frontend … and Backend software solution development Experience with Agile development methodologies and SecDevOps practices. Excellent knowledge of secure coding practices inline. Strong knowledge of databases, SQL, and NoSQL, as well as data structures and algorithms. Excellent problem-solving skills and the ability to work in a fast-paced, evolving environment. Strong communication and collaboration skills, with the ability More ❯

closely with cross-functional teams to design, build, and implement new capabilities that enhance our service offerings. What You'll Work On Design and develop robust, scalable, and secure applications using Python and C# Leverage existing cloud-based technology to build and deploy applications that meet the needs of the card issuing market. Collaborate with Product Managers, UX … promoting best practices in software development. Troubleshoot, debug, and upgrade existing systems, ensuring high performance and responsiveness to requests. Participate in code reviews, contributing to the maintenance of high coding standards and improving the overall quality of the codebase. Technical Skills and Experience Needed Proven experience with cloud-based technology, and services, preferably within AWS. Expertise in both Frontend … and Backend software solution development Experience with Agile development methodologies and SecDevOps practices. Excellent knowledge of secure coding practices inline. Strong knowledge of databases, SQL, and NoSQL, as well as data structures and algorithms. Excellent problem-solving skills and the ability to work in a fast-paced, evolving environment. Strong communication and collaboration skills, with the ability More ❯

execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development. Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and … Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams. Team Support: Provide guidance and support to development teams on secure software production practices and flaw … mitigation strategies. Key Requirements: 5+ years of experience in application security, with at least 3+ years in software development. Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms. Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization). Familiarity with Agile methodologies like SCRUM More ❯

delivery of a DevSecOps approach, and collaborating closely with our development teams. As one of our security engineers, you will drive continuous improvement across software applications, secure coding practices, and support the organisation's digital transformation initiatives. Who are the team? The role sits within an inclusive, diverse, respectful, and agile team of information security professionals responsible … to find and fix vulnerabilities. Conduct security assessments, support penetration testing, and address vulnerabilities. Transform technical requirements into an effective application development lifecycle within a DevSecOps toolchain. Ensure secure deployment strategies are scalable, repeatable, and highly available. Support technical and security teams in maintaining and securing the Azure cloud estate, providing coaching and mentoring. Improve and optimize processes … applications and solutions (Practitioner) Supporting and supporting security support methodologies (Expert) Process analysis and optimization (Practitioner) Risk-based decision making (Working) Modern development standards application (Practitioner) Software engineering: design, coding, testing (Practitioner) Prototyping and testing (Practitioner) Research and innovation in security (Working) Systems design and integration (Practitioner) Understanding security implications of transformation (Working) Experience: Integrating security practices into DevOps More ❯

PHP applications with MySQL and AWS, focusing on performance, reliability, and security. Contribute to full life cycle development of RESTful APIs and Back End services, working across architecture, design, coding, testing, and deployment. Participate in Agile ceremonies, collaborating closely with team members, stakeholders, and third parties. Champion best practices including TDD/BDD, CI/CD, and secure coding principles. Diagnose and solve issues across multiple environments, including production systems hosted on AWS. Take ownership of code quality and technical direction, mentoring teammates and setting high standards for delivery. Play a key role in driving future product roadmaps and adopting emerging technologies. We are looking for candidates who have: Deep experience with PHP and MySQL … tuning and performance optimisation. Solid grasp of modern DevOps practices Experience designing and documenting APIs and integrating with complex systems. A strong focus on testing, automation, and delivering secure code. If you are looking to work with a collaborative, supportive engineering team invested in best practices please send through your CV to ARC IT Recruitment for consideration. London More ❯

maintaining scalable PHP applications with MySQL and AWS, focusing on performance, reliability, and security. Contribute to full lifecycle development of RESTful APIs and backend services, working across architecture, design, coding, testing, and deployment. Participate in Agile ceremonies, collaborating closely with team members, stakeholders, and third parties. Champion best practices including TDD/BDD, CI/CD, and secure coding principles. Diagnose and solve issues across multiple environments, including production systems hosted on AWS. Take ownership of code quality and technical direction, mentoring teammates and setting high standards for delivery. Play a key role in driving future product roadmaps and adopting emerging technologies. We are looking for candidates who have : Deep experience with PHP and MySQL … tuning and performance optimisation. Solid grasp of modern DevOps practices Experience designing and documenting APIs and integrating with complex systems. A strong focus on testing, automation, and delivering secure code. If you are looking to work with a collaborative, supportive engineering team invested in best practices please send through your CV to ARC IT Recruitment for consideration. London More ❯