26 to 50 of 152 Application Security Jobs in the UK

security into SDLC during the design and development of digital services to ensure a holistic shift-left approach to secure by design. The Impact You'll Make Integrating AppSec security controls in a central security platform (Splunk) with service and SRO-level dashboards. Delivering service-level and SRO dashboards in Splunk to see security posture and … risk exposure for all implemented technologies and security controls. Performing deep security assessments against digital services using manual methods and tools such as Burp Suite, Metasploit, Nikto, Nessus, and ZAP. Security testing and remediating issues in APIs and infrastructure. Conducting threat modeling to identify threats and define tangible security controls and mitigations. Supporting skills and knowledge … What You'll Bring to the Team and the Tools you'll need: You'll bring a comprehensive background inAppSec Engineering/DevSecOps with experience across testing, threat modeling, application development and possess a solid understanding of cyber attack methodologies. Security engineering, cloud security, and posture management in CI/CD environments Network technologies, cloud providers (AWS More ❯

Job Title: WAF & Application Security SME Location: Birmingham (Hybrid - 60% office/40% home, 3 days in the office mandatory) Salary/Rate: £480 Per Day - Inside IR35 Start Date: 15/09/2025 End Date: 15/09/2026 Job Type: Contract Company Introduction We have an exciting opportunity for a skilled Web Application Firewall (WAF) & Application Security Subject Matter Expert to join a high-profile programme. This role is pivotal in enhancing and tuning WAF solutions across a variety of applications to improve security posture and protect against advanced web-based threats. Job Responsibilities/Objectives You will be responsible for designing, testing, tuning, and implementing advanced WAF configurations … WAF management, tuning, and engineering, with a strong understanding of web application security principles. Proven ability to proactively identify and mitigate false positives. Background in SOC, CSIRT, AppSec, or Ethical Hacking with hands-on log analysis experience. Proficiency in analysing traffic patterns using tools such as Splunk, Wireshark, or custom scripts. Experience working with at least three major More ❯

Job Title: WAF & Application Security SME Location: Birmingham (Hybrid - 60% office/40% home, 3 days in the office mandatory) Salary/Rate: £480 Per Day - Inside IR35 Start Date: 15/09/2025 End Date: 15/09/2026 Job Type: Contract Company Introduction We have an exciting opportunity for a skilled Web Application Firewall (WAF) & Application Security Subject Matter Expert to join a high-profile programme. This role is pivotal in enhancing and tuning WAF solutions across a variety of applications to improve security posture and protect against advanced web-based threats. Job Responsibilities/Objectives You will be responsible for designing, testing, tuning, and implementing advanced WAF configurations … WAF management, tuning, and engineering, with a strong understanding of web application security principles. Proven ability to proactively identify and mitigate false positives. Background in SOC, CSIRT, AppSec, or Ethical Hacking with hands-on log analysis experience. Proficiency in analysing traffic patterns using tools such as Splunk, Wireshark, or custom scripts. Experience working with at least three major More ❯

everybody for who they are and what they bring to the table, supporting one another as we continue to deliver for our customers. LI-KS1 The role of Cyber Security Consultant sits within the Cyber Security team in Three UK, which is responsible for providing subject matter expertise and guidance to business units across Three's Network and … policy and standards. In this role you will have a broad and challenging remit, you will therefore need to be flexible and agile in your approach, switching between different security disciplines within the team as necessary. You will be engaging in the delivery of multiple business initiatives by introducing baseline and enhanced security requirements and supporting their implementation … through guidance and advice. You will also be recommending security solutions and then providing design input and technical approvals, assurances, and governance of deliveries that the project carries out with our colleagues and partners. Within the Security team itself you will be expected to collaborate with the wider team and security colleagues providing technical support and guidance More ❯

benefits to support your finances, wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available The role We are seeking an experienced and visionary Head of Cyber Security Technology who will work across the SSE Group and deputise for the Group Chief Information Security Officer. The role holder will lead a small team to drive IT … and OT cyber security strategic direction and define and govern enterprise security architecture and will be the technical cyber security authority for the Group while also leading the Group wide IT security risk position working closely with Group IT. You will Develop and maintain the enterprise cyber security architecture for the Group including development of … the requirements of both IT and OT that aligns with industry standards, regulatory requirements and best practice in support of high risk and critical programmes and projects. Lead IT security risk position and lead consulting and assurance engagement into Group IT products and services. This includes overseeing the IT security risk position and mitigation planning. Management and challenge More ❯

benefits to support your finances, wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available The role We are seeking an experienced and visionary Head of Cyber Security Technology who will work across the SSE Group and deputise for the Group Chief Information Security Officer. The role holder will lead a small team to drive IT … and OT cyber security strategic direction and define and govern enterprise security architecture and will be the technical cyber security authority for the Group while also leading the Group wide IT security risk position working closely with Group IT. You will Develop and maintain the enterprise cyber security architecture for the Group including development of … the requirements of both IT and OT that aligns with industry standards, regulatory requirements and best practice in support of high risk and critical programmes and projects. Lead IT security risk position and lead consulting and assurance engagement into Group IT products and services. This includes overseeing the IT security risk position and mitigation planning. Management and challenge More ❯

benefits to support your finances, wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available The role We are seeking an experienced and visionary Head of Cyber Security Technology who will work across the SSE Group and deputise for the Group Chief Information Security Officer. The role holder will lead a small team to drive IT … and OT cyber security strategic direction and define and govern enterprise security architecture and will be the technical cyber security authority for the Group while also leading the Group wide IT security risk position working closely with Group IT. You will Develop and maintain the enterprise cyber security architecture for the Group including development of … the requirements of both IT and OT that aligns with industry standards, regulatory requirements and best practice in support of high risk and critical programmes and projects. Lead IT security risk position and lead consulting and assurance engagement into Group IT products and services. This includes overseeing the IT security risk position and mitigation planning. Management and challenge More ❯

benefits to support your finances, wellbeing and family. Working Pattern: Permanent Full Time Flexible First options available The role We are seeking an experienced and visionary Head of Cyber Security Technology who will work across the SSE Group and deputise for the Group Chief Information Security Officer. The role holder will lead a small team to drive IT … and OT cyber security strategic direction and define and govern enterprise security architecture and will be the technical cyber security authority for the Group while also leading the Group wide IT security risk position working closely with Group IT. You will Develop and maintain the enterprise cyber security architecture for the Group including development of … the requirements of both IT and OT that aligns with industry standards, regulatory requirements and best practice in support of high risk and critical programmes and projects. Lead IT security risk position and lead consulting and assurance engagement into Group IT products and services. This includes overseeing the IT security risk position and mitigation planning. Management and challenge More ❯

Security Development & Test Director 6 Months Hybrid - Birmingham 2 days per week on site £800 per day (Inside IR35) We are currently recruiting for a dynamic Security Development and Test Director to join our growing Security team. This is a great opportunity for you to play a pivotal role in helping to shape our client's transformation … journeys. *** Please note - The selected candidate must be eligible for UK Security Clearance *** The Security Development and Test Director is responsible for overseeing the secure software development lifecycle, security testing, and DevSecOps practices at both strategic and operational levels. The role ensures the effectiveness of security practices in software development, manages security testing, drives operational … maturity improvements, and oversees secure coding practices. Operating at SFIA Level 6, the role requires the initiation, definition, and oversight of high-impact security development and testing activities. The Director is responsible for aligning security initiatives with business objectives and ensuring the organisation's resilience against evolving threats. Using your background in managing complex development and testing programs More ❯

source solutions, and embracing enterprise agile methodology. We encourage professional development to ensure you bring innovative ideas to our products while satisfying your own intellectual curiosity. Our Global Information Security team's mission is to ensure the development, implementation, and management of a comprehensive program that effectively protects the confidentiality, integrity, and availability of Point72 information assets. Our team … is comprised of security professionals with expertise in a diverse portfolio of security disciplines. What you'll do Collaborate with the DevOps team to design, implement, and manage a robust DevSecOps framework for our software development pipeline, integrating security tools and processes into our CI/CD workflows to enhance the developer experience Champion a security-first mindset within the development team, promoting secure coding practices and providing guidance on secure development methodologies Create security focused DevSecOps policies and standards and provide training and awareness to the development team Develop Key Risk Indicators (KRIs) to track security posture across business lines, measure progress and identify outliers Implement and manage security testing tools More ❯

cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning and configuration recommendations. The ideal candidate will have experience in SOC or CSIRT and AppSec or Ethical Hacking for in-depth log analysis and have previously worked with at least three major WAF vendors such as Akamai, F5, AWS, GCP, etc. The successful candidate will … SOC/Threat/Forensics or CSIRT backgrounds - very experienced with analysing security logs to quickly ascertain TP/FP conviction and the techniques to except Ideally some AppSec/DevSecOps or Ethical Hacking experience - with a good understanding of Web Application attacks and security; they must be familiar with the OWASP Top 10 If they have … strong understanding of web application security principles. Proven track record of proactively identifying and mitigating false positives to optimize WAF performance. Background in SOC or CSIRT and AppSec or Ethical Hacking, demonstrating hands-on experience for the key responsibilities. Proficiency in log analysis tools and techniques, with the ability to identify patterns and anomalies in web traffic. Experience More ❯

Select how often (in days) to receive an alert: Location: Remote, IE GB Dublin 2, IE London, GB Application Security Architect Location: Ireland or UK (Hybrid/Remote/Office based) We are looking for a talented Application Security Architect to be part of our dedicated Bentley Infrastructure Cloud product security team at Bentley Systems. … both the global economy and environment for improved quality of life. We will rely on you for the following: Lead Secure Software Development Lifecycle best practices and standards. Perform security architecture and design reviews of applications. Collaborate with empowered teams to ensure secure design, development, implementation, and verification of applications. Provide remediation guidance and recommendations to developers and administrators. … Train developers and create educational presentations. Develop tools and automation supporting responsibilities. What You Bring to The Team: Around 10 years experience within software of which 4+years is in application Security Architecture Background in software and development Proficiency in securing cloud technologies Proficiency in reading, writing, and auditing code and the ability to learn new languages/technologies. More ❯

The Role We are looking for an exceptionally seasoned Security Architect with over 15 years of progressive experience, including extensive leadership in designing and implementing robust security architectures, particularly within large-scale cloud environments and the highly regulated financial domain. This role demands a deep understanding of complex security challenges, a proven track record of strategic influence … and the ability to translate business requirements into secure, scalable, and compliant technical solutions. Your responsibilities: Strategic Security Leadership: Define, evangelize, and evolve the overall cloud security architecture strategy and roadmap, aligning with business objectives, relevant European regulatory requirements (e.g., GDPR, DORA, PSD2, NIS2 Directive), and industry best practices. Act as a trusted security advisor to senior … leadership, engineering teams, and business units on all aspects of cloud security. Lead the development and implementation of security architectural standards, patterns, and guidelines for cloud-native and hybrid-cloud deployments. Solution Design & Assurance: Provide expert security architecture guidance for critical enterprise applications, infrastructure, and data platforms, with a strong focus on secure-by-design principles. Conduct comprehensive More ❯

We are currently looking for a WAF & Application Security SME to join an existing team at one of our retail banking clients. The role will be working on the enhancement of a Web Application Firewall across multiple solutions and applications and will be pivotal in crafting, testing, and implementing advanced WAF uplifts. This role involves a strong … cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning and configuration recommendations. The ideal candidate will have experience in SOC or CSIRT and AppSec or Ethical Hacking for in-depth log analysis and have previously worked with at least three major WAF vendors such as Akamai, F5, AWS, GCP, etc. Key Responsibilities Identification and … strong understanding of web application security principles. Proven track record of proactively identifying and mitigating false positives to optimize WAF performance. Background in SOC or CSIRT and AppSec or Ethical Hacking, demonstrating hands-on experience for the key responsibilities Proficiency in log analysis tools and techniques, with the ability to identify patterns and anomalies in web traffic Experience More ❯

We are currently looking for a WAF & Application Security SME to join an existing team at one of our retail banking clients. The role will be working on the enhancement of a Web Application Firewall across multiple solutions and applications and will be pivotal in crafting, testing, and implementing advanced WAF uplifts. This role involves a strong … cover WAF tuning via detailed log analysis, false positive detection and mitigation, and making tuning and configuration recommendations. The ideal candidate will have experience in SOC or CSIRT and AppSec or Ethical Hacking for in-depth log analysis and have previously worked with at least three major WAF vendors such as Akamai, F5, AWS, GCP, etc. Key Responsibilities Identification and … strong understanding of web application security principles. Proven track record of proactively identifying and mitigating false positives to optimize WAF performance. Background in SOC or CSIRT and AppSec or Ethical Hacking, demonstrating hands-on experience for the key responsibilities Proficiency in log analysis tools and techniques, with the ability to identify patterns and anomalies in web traffic Experience More ❯

Security Engineer Level: Mid-Level Location: One of our London, Basingstoke or Bristol offices, minimum of 2 days per week Team: Security/Engineering Salary: £48,120 - £64,150 About the Role: Welcome to Hawk-Eye Innovations; I'm Jon, the Senior Security Engineer at Hawk-Eye and the hiring manager for this position. We are looking … for a Security Engineer with a strong foundation in application and cloud security to help protect our organisation's digital assets and support the secure development of our products and infrastructure. You will work cross-functionally with engineering, product, and operations teams to embed security best practices across the software development lifecycle. This is an exciting … opportunity to make a meaningful impact on the security posture of a fast-moving technology environment while growing your expertise in modern cloud and application security. Key Responsibilities: Conduct security reviews and audits of applications and cloud infrastructure Implement security controls and testing into CI/CD pipelines Identify and remediate vulnerabilities in applications and cloud More ❯

Security Engineer Level: Mid-Level Location: One of our London, Basingstoke or Bristol offices, minimum of 2 days per week Team: Security/Engineering Salary: £48,120 - £64,150 About the Role: Welcome to Hawk-Eye Innovations; I'm Jon, the Senior Security Engineer at Hawk-Eye and the hiring manager for this position. We are looking … for a Security Engineer with a strong foundation in application and cloud security to help protect our organisation's digital assets and support the secure development of our products and infrastructure. You will work cross-functionally with engineering, product, and operations teams to embed security best practices across the software development lifecycle. This is an exciting … opportunity to make a meaningful impact on the security posture of a fast-moving technology environment while growing your expertise in modern cloud and application security. Key Responsibilities: Conduct security reviews and audits of applications and cloud infrastructure Implement security controls and testing into CI/CD pipelines Identify and remediate vulnerabilities in applications and cloud More ❯

Security Engineer Level: Mid-Level Location: One of our London, Basingstoke or Bristol offices, minimum of 2 days per week Team: Security/Engineering Salary: £48,120 - £64,150 About the Role: Welcome to Hawk-Eye Innovations; I'm Jon, the Senior Security Engineer at Hawk-Eye and the hiring manager for this position. We are looking … for a Security Engineer with a strong foundation in application and cloud security to help protect our organisation's digital assets and support the secure development of our products and infrastructure. You will work cross-functionally with engineering, product, and operations teams to embed security best practices across the software development lifecycle. This is an exciting … opportunity to make a meaningful impact on the security posture of a fast-moving technology environment while growing your expertise in modern cloud and application security. Key Responsibilities: Conduct security reviews and audits of applications and cloud infrastructure Implement security controls and testing into CI/CD pipelines Identify and remediate vulnerabilities in applications and cloud More ❯

challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … Management: Proactively identify, assess, and remediate security vulnerabilities to maintain the integrity and confidentiality of our customer data. Security Automation: Automate security processes and procedures to enhance efficiency and effectiveness, reducing the risk of human error. Security Requirements and Solutions: Identify, define, and document system security requirements, providing well-considered recommendations to management. Development of More ❯

Miro's Cloud Security team plays a critical role in ensuring the security, resilience, and integrity of Miro's platform infrastructure. We are entrusted with protecting both the foundational information assets and the collaborative experiences that enable our global customers to innovate with confidence. Operating as part of the broader Infrastructure organization, the Cloud Security team partners … closely with key engineering groups including Networking, Compute, and Observability to embed security deeply across Miro's cloud environment. The team also maintains strong alignment with our peers in the Security organization-such as Application Security and Detection & Response-ensuring a unified and strategic approach to securing our platform. At Miro, we are on a path … to achieving an industry-leading security posture. This ambition is reflected in our proactive governance frameworks, robust assurance and certification programs, and a long-term strategy anchored in automation, scalability, and risk-informed decision-making. About the Role Seeking a Senior Cloud Security Engineer to join our Cloud Security team. Your cloud and automation skills, combined with More ❯

Miro's Cloud Security team plays a critical role in ensuring the security, resilience, and integrityof Miro's platform infrastructure. We are entrusted with protecting both the foundational information assets and the collaborative experiences that enable our global customers toinnovate with confidence. Operating as part of the broader Infrastructure organization, the Cloud Security team partnersclosely with key … engineering groups including Networking, Compute, and Observability toembed security deeply across Miro's cloud environment. The team also maintains strongalignment with our peers in the Security organization-such as Application Security andDetection & Response-ensuring a unified and strategic approach to securing our platform.At Miro, we are on a path to achieving an industry-leading security … proactive governance frameworks, robust assurance and certification programs,and a long-term strategy anchored in automation, scalability, and risk-informed decision-making. About the Role Seeking a Senior Cloud Security Engineer to join our Cloud Security team. Your cloud andautomation skills, combined with a passion for security, will shape our Cloud security and automation capabilities. Cloud More ❯

Senior Consultant, Offensive Security (L3) United Kingdom and 2 more United Kingdom and 2 more Share This In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity-not just answers-in all areas … including, and valuing one another. As part of One team, One Kroll, you'll contribute to a supportive and collaborative work environment that empowers you to excel. Our Offensive Security professionals are on a mission to make the world a safer place, one company at a time. We believe that our work to help our clients discover and remediate … their unique security risks makes every one of us safer. Our clients trust us to use cutting-edge offensive security tools, creativity, imagination, and expert knowledge to find cybersecurity risks in their networks, systems, and software. We're looking to grow our team of offensive security experts in the United Kingdom. We test web and smartphone applications More ❯

As a Security Architect (Consultant) in Kainos, you'll be responsible for the design and application of good security practices in the platforms and services we build for our customers. You'll work with Agile delivery teams to develop good security practices throughout the software development journey. You'll learn about and apply new technologies and … provide direction and leadership for your team as you solve challenging problems together. Experience in the secure design and delivery of new cloud services and solutions. Experience in identifying security issues in existing system designs or products, including recommending sensible mitigations that balance cost, risk and usability. Knowledge of security standards and regulations (e.g. NCSC, ISO, SoC, NIST … PCI, GDPR). Experience in application architecture, software development and/or infrastructure architecture. Experience testing the security of software and infrastructure using appropriate security tools. Experience with Continuous Security, Continuous Integration and Continuous Delivery techniques. Experience of network security (e.g. OSI, TCP/IP), web application security (e.g. OWASP) and cryptographic controls More ❯

Strong experience in building secure web and mobile apps Experience with Security architecture, Application Security assessments, penetration testing, vulnerability assessment, Secure SDLC, and Static code reviews Certified Secure Software Lifecycle Professional (CSSLP) (desirable) Responsibilities: - Design, develop, and implement security frameworks and solutions to safeguard company's assets and infrastructure. - Conduct regular security audits and risk … assessments to identify and address potential vulnerabilities. - Develop and maintain security policies and procedures in accordance with industry standards. - Configure and manage security tools, such as firewalls, intrusion detection systems, and encryption technologies. - Monitor network traffic and system logs for suspicious activity and respond to security incidents in a timely manner. - Stay updated on the latest security threats and trends to anticipate potential risks and adapt security strategies accordingly. - Collaborate with IT teams to ensure that security measures are integrated into all aspects of technology development and implementation. - Conduct employee training programs to promote awareness of security best practices and protocols. Requirements: - Bachelor's degree in Computer Science, Information Technology, or a related More ❯

Your role at Dynatrace We're looking for a Lead Information Security Analyst with deep expertise in Salesforce (SFDC) security to help safeguard our enterprise systems and support secure digital transformation. Dynatrace exists to make the world's software work perfectly. Our unified software intelligence platform combines broad and deep observability and continuous runtime application security … values, ideas, and expertise. These qualities are what make our global team stronger and more seasoned. We're fueled by the diversity of our talented employees. • Represent the Corporate Security team in the selection and implementation of large ERP type packages. Most specifically SFDC but others as well. • Train and coordinate with systems application owners, data custodians, technical … leads, and business impact analysts on security standards, guidelines, and vendor risk management of the systems within the organization and sub organizations. • Build relationships with Dynatrace Business Systems application teams. • Create, conduct, and report on security audits and assessments for all systems applications (custom, SaaS and 3rd Party applications). • Provide guidance and support over the teams More ❯