Position Overview Fast growing FinTech seeking a technically proficient Principal ApplicationSecurity Architect to join our innovative FinTech organisation. This role is critical in shaping the security posture of complex, cloud-native applications that power fast-growing financial services and digital payments platforms. As an ApplicationSecurity Architect, you will work closely with software engineers … deployment and tuning of automated applicationsecuritytesting tools including Static ApplicationSecurityTesting (SAST), DynamicApplicationSecurityTesting (DAST), and Software Composition Analysis (SCA). Collaborate with development teams to integrate securitytesting seamlessly into CI/CD pipelines, enabling early detection and continuous monitoring of vulnerabilities. … security or secure software engineering, preferably within FinTech or highly regulated industries. Hands-on experience with a range of applicationsecuritytesting tools including SAST, DAST, and SCA, and integrating these into automated build and deployment pipelines. Practical expertise with threat modeling methodologies such as STRIDE, PASTA, or Attack Trees. Strong knowledge of secure coding standards More ❯
best work. Whether you're building on our platform, supporting our customers, or shaping our story: You can just ship things. About the Role: We are looking for aSenior ApplicationSecurity Engineerto join our security team (reporting to the Head of Security). In this role, you will drive critical applicationsecurity initiatives across … Vercel's products and platform. Your core focus will be onthreat modeling, open-source software security, secure code review, SDLC tooling, andbug bounty program management. You will support both our internal product engineering teams and customer-facing security programs, ensuring that security is embedded throughout our development lifecycle and that our platform earns the trust of developers … is required. Security Tools & Automation: Hands-on experience with applicationsecurity tooling such as static applicationsecuritytesting (SAST), dynamictesting (DAST), dependency vulnerability scanners, and CI/CD pipeline security integration. Familiarity withGitHub Advanced Securityor similar tools for code scanning and secret detection is a strong plus. Open Source and More ❯
Lead Test Engineer (Security) - Companies House - SEO Base salary is £41,571 - £45,784 with an additional DDaT allowance of £4,350 - £11,000 available Published on Full-time (Permanent) Base salary is £41,571 - £45,784 with an additional DDaT allowance of £4,350 - £11,000 available Published on 3 July 2025 Deadline 20 July 2025 Location Remote … least 5 of the following security tools and technologies: Burp Suite (including Burp Scanner) - for web application vulnerability scanning and manual security testing. OWASP ZAP - for DAST and automated security regression testing. Postman or SOAP UI - for API testing with a security focus (e.g. injection, authorisation, token misuse). OAuth2/OpenID Connect - for … secure code handling and integration with secrets scanners. Static ApplicationSecurityTesting (SAST) tools - e.g. SonarQube, Checkmarx, Semgrep. DynamicApplicationSecurityTesting (DAST) tools - e.g. OWASP ZAP, Burp Suite Pro. Infrastructure-as-Code (IaC) scanning tools - e.g. tfsec, Checkov. Threat modelling methodologies - e.g. STRIDE, PASTA, or creating risk-based test charters. Familiarity with More ❯
Senior Security Engineer We are seeking an experienced Senior Security Engineer to join our dynamicSecurity Team. In this key role, you will be a key contributor to Funding Circle's cloud and applicationsecurity posture. You will leverage your deep expertise in AWS security, secure software development lifecycle (SSDLC) practices, and CI …/CD security to implement and champion robust security solutions. You will act as a subject matter expert and mentor, collaborating closely with engineering and product teams to embed security seamlessly into our cloud infrastructure and development processes, ensuring the protection of our platform and customer data in a fast-paced FinTech environment. Who are we? We … demonstrable expertise in designing, implementing, securing, and managing a wide range of AWS security services . Proven, hands-on experience architecting, building, and integrating security tooling (SAST, DAST, SCA, secrets management, IAST) and automated security controls within CI/CD pipelines (e.g., GitLab CI, Jenkins, GitHub Actions). Strong track record of defining, implementing, measuring, and supporting More ❯
open, accessible, and fair financial future-one line of code at a time. As we scale our platform to serve millions of people each day, we seek a Senior ApplicationSecurity Engineer to join our dedicated security team. At security is more than a set of policies-it's a core mindset. As we continue to … innovate in the crypto space, you will tackle some of the most complex problems around securing a distributed financial platform. The Security team is responsible for guiding the design and implementation of secure systems across the company. Using a comprehensive range of tools and methodologies, we identify and mitigate security risks proactively, ensuring the protection of our users … in cryptocurrency-related projects being a strong plus. Strong knowledge of OWASP standards, Static ApplicationSecurityTesting (SAST), DynamicApplicationSecurityTesting (DAST), and Software Composition Analysis (SCA) tools. Familiarity with integrating these tools into CI/CD pipelines is highly desirable. Experience with security monitoring techniques and tools for detecting and More ❯
RMM Service Automation Platform and has a proven track record of helping MSPs standardize and automate the setup and delivery of IT services to achieve true scalability. The Senior ApplicationSecurity Engineer plays a critical role in enhancing our applicationsecurity posture by conducting advanced security assessments, leading security initiatives, and collaborating with development … teams to integrate security into the software development lifecycle. The position plays a key role in identifying and mitigating security vulnerabilities to protect our applications and data. This role is based in our Edinburgh hub. What You'll Do Assist in maturing organizational processes that drive complex security efforts for internal teams and external partners. Develop and … preferred Thorough understanding of OWASP Top 10 and Secure Development Expertise in automating security tools and integrations, including simple scripting Experience with applicationsecurity tools (SAST, DAST, IAST and SCA) Strong technical knowledge of development and production release process, including CI/CD Experience with the application of threat modeling and other risk identification techniques Scripting More ❯
Senior ApplicationSecurity Engineer page is loaded Senior ApplicationSecurity Engineer Apply locations London, UK time type Full time posted on Posted 2 Days Ago job requisition id JR100290 Who we are We're the people behind the global loyalty currency, Avios, and home to three ambitious, growing businesses;IAG Loyalty, British Airways Holidays andThe Wine … CI/CD pipelines, facilitate threat modelling sessions, and review security-sensitive design decisions around authentication, cryptography, and logging. You'll also ensure that tools such as SAST, DAST, and SCA are effective and efficient, and that testing programmes - including pen testing, vulnerability scanning, and bug bounty - are delivering value. You'll triage vulnerabilities, support engineering teams … including the OWASP Top 10 Proficient in coding, scripting (e.g. Python, Bash), and automating security in CI/CD Hands-on experience with security tools like SAST, DAST, and SCA Familiar with cloud environments (especially AWS), containers, and microservices Comfortable reviewing technical designs, performing threat modelling, and advising on secure architecture Strong communicator who collaborates well with engineers More ❯
Senior Test Engineer (Security) - Companies House - HEO Base salary is £40,398pa with an additional DDaT allowance of £4,350 - £11,000 available. Published on 3 July 2025. Deadline 20 July 2025. Location Remote working (anywhere in the UK) About the job Job summary This is an exciting opportunity in the Digital Services team! You'll be joining during … will help shape the future of our department. We use Agile methodologies and promote a culture of continuous improvement. We are seeking an enthusiastic Senior Test Engineer (Non-Functional Security) with strong technical skills to deliver and support securitytesting workstreams, including vulnerability assessments and penetration testing. You will guide other testers on securitytesting … OAuth2/OpenID Connect, Jenkins or Concourse, Unix/Linux systems, AWS or similar cloud providers, SQL/MongoDB/Oracle, Karate DSL or Rest Assured, Git, SAST/DAST tools, IaC scanning tools, threat modelling, OWASP Top 10 testing approaches. Behaviours Assessment will include: Making Effective Decisions Managing a Quality Service Working Together Seeing the Big Picture Technical More ❯
Leeds, Yorkshire, United Kingdom Hybrid / WFH Options
Junglee Games India Private Limited
Product Security Architect page is loaded Product Security Architect Apply locations Leeds, UK Dublin, Ireland posted on Posted 14 Days Ago job requisition id JR129906 Product Security Architect Product Security Architect Location - Leeds/Dublin Hybrid - 2 days per week At Flutter, Product Security encompasses not just application code, but also infrastructure as code … enterprise embed security into the product development lifecycles. This role is the key advisor on AppSec standards, secure development practices, threat modelling, and security tooling (e.g. SAST, DAST, SCA, IaC scanning, container security, etc.), ensuring consistency and maturity in how applications are built and maintained. By aligning teams with modern DevSecOps principles, developer enablement, and security … development of a global secure development policy, including approved tools, practices, and coding standards. Technology & Tooling Strategy: Evaluate, recommend, and support the rollout of AppSec tools such as SAST, DAST, SCA, container and IaC scanners, runtime protections, and CI/CD pipeline integrations. Collaborate with platform and DevOps teams to ensure tool integration and automation into developer workflows across brands. More ❯
Cardiff, South Glamorgan, Wales, United Kingdom Hybrid / WFH Options
Hoop Recruitment
Senior Test Engineer (Security) Location: Remote (UK-based) | Contract: PermanentSalary: £40,398 – £51,398 + excellent public sector benefitsWe’re proud to be working with a UK government organisation as they continue their digital transformation journey. They’re now looking to appoint a Senior Test Engineer (Security) to lead and enhance their non-functional testing capability.This is … a fantastic opportunity to work in a supportive, agile environment that prioritises innovation, collaboration and work-life balance. Key responsibilities: Deliver and support securitytesting workstreams, including vulnerability assessments and penetration testing. Lead on best practice in securitytesting and provide guidance to fellow testers. Collaborate closely with developers and delivery teams throughout the software development … lifecycle. Contribute to the design and implementation of automated securitytesting pipelines. Essential skills and experience: Proven experience in security testing. Certification in ethical hacking or penetration testing (e.g. 7Safe CSTA, GIAC), or currently working towards one. Working knowledge of at least five of the following: Burp Suite, OWASP ZAP, Postman, OAuth2/OpenID Jenkins or More ❯
see why Glassdoor and Comparably have recognized CaptivateIQ as a best place to work! About the role: Join our Cybersecurity Team and play a pivotal role in strengthening the security of our infrastructure, applications, and services. As a Security Engineer, you will apply your technical expertise across engineering, applicationsecurity, and incident response to help scale … and mature our security posture. This is a hands-on role that requires a collaborative mindset, strong problem-solving skills, and the ability to identify and respond to security challenges across attack surfaces. You'll work closely with Engineering, Product, and IT teams to embed security across the product lifecycle, triage and mitigate vulnerabilities, and proactively respond … scans, and targeted penetration tests of applications and infrastructure using common security tooling (e.g., Burp Suite, ZAP, Amass, Nmap). Assess and mitigate static (SAST) and dynamic (DAST) vulnerabilities across services and components. Evaluate, implement, and maintain security tooling to support vulnerability management, secure development, and event detection workflows. Define and track metrics related to applicationMore ❯
Cardiff, South Glamorgan, Wales, United Kingdom Hybrid / WFH Options
Hoop Recruitment
Lead Test Engineer (Security) Location: Remote (UK-based) | Contract: Permanent Salary: £41,571 – £56,784 We’re delighted to be supporting a UK government organisation as they continue to transform their digital services. They are now seeking a Lead Test Engineer (Security) to take ownership of the securitytesting strategy across their platforms.This is an opportunity … to lead, mentor, and influence securitytesting practices in an agile, forward-thinking digital department with a strong focus on public value, collaboration, and continuous improvement.Key responsibilities Lead the organisation’s approach to non-functional securitytesting across the full software development lifecycle. Manage and support a team of testers, providing coaching, mentoring, and oversight of … OWASP ZAP, Postman or SOAP UI, OAuth2/OpenID Jenkins/Concourse, Unix/Linux, AWS SQL/MongoDB/Oracle, Git, Karate DSL or Rest Assured SAST/DAST tools, IaC scanning, secrets detection tools Threat modelling (e.g. STRIDE, PASTA), OWASP Top 10 testing Salary & benefits Base salary: £41,571 – £45,784 DDaT allowance More ❯
Months Initially (Extensions Likely) £625.00 p/d Remote Based (Adhoc London - Travel Expensed) ASAP Start The Role: In this role you will work closely with the clients Cyber Security team. In this role, you will ensure the security of products being released into production environments—across containers, hosts, and APIs. You will play a part in identifying … Proactively identify, assess, and remediate vulnerabilities in applications and infrastructure (containers, hosts, APIs). Implement and manage static and dynamicapplicationsecuritytesting (SAST/DAST) tools and workflows. Support secure cloud deployments within AWS, ensuring compliance with internal and standards. Skills & Experience Strong experience in a DevSecOps or security-focused DevOps role. In-depth … knowledge and hands-on experience with SAST, DAST and API securitytesting Solid understanding of AWS and security configurations. Experience in securing Containerised environments Strong knowledge of vulnerability management tools and methodologies. Experience implementing automated deployments DevSecOps Engineer More ❯
Almondsbury, Gloucestershire, United Kingdom Hybrid / WFH Options
Frontier Resourcing
My growing defence client is seeking a Security Engineer. You'll join a leading organisation that develops cutting edge products and technology. Role Purpose You'll own the security posture across our client's product portfolio-encompassing software, hardware, and services-by embedding robust security controls throughout the development lifecycle, identifying and mitigating risks, and ensuring compliance … tests and automated vulnerability scans; validate fixes. Oversee third-party security assessments as required. Continuous Improvement Drive security tooling and automation (CI/CD integration, SAST/DAST). Stay ahead of emerging threats and security technologies; evangelise best practices across teams. Qualifications & Experience Proven experience (5+ years) in product or applicationsecurity within defence …/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with securitytesting tools and techniques (SAST, DAST, penetration testing). Eligible for UK SC clearance; right to work in the UK. Why Join? You'll Gain exposure to cutting-edge defence technology and intelligence insights. Good salary More ❯
challenges. We are dedicated to consistently updating our job descriptions to ensure we continue to lead in banking innovation. How you will contribute and key responsibilities: As a Senior Security Engineer, you will be instrumental in designing and implementing security measures for our mobile applications, services, and websites to meet the highest security standards. Your expertise will … help us continuously analyse and improve our security systems, ensuring that our products and services are not only secure by design but also comply with internal and external regulatory requirements. Other responsibilities include: Security Analysis and Improvement: Continuously analyse our security systems for potential improvements, ensuring that our defences remain at the forefront of cybersecurity practices. Vulnerability … driven streaming technologies, Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs, Working knowledge of agile DevSecOps environments, and CI/CD (Git, Concourse, Terraform), Working knowledge of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes, Knowledge of cloud Security Architecture of public clouds (such as AWS or GCP), Security certification such More ❯
continuously evolving our recruitment processes to ensure fairness and are open to accommodating any needs you might have. If, due to a disability, you need adjustments to complete the application, please let us know by sending an email with your name, the role to which you would like to apply, and the type of support you need to complete … the application to . For any other non-disability related questions, please reach out to our Talent Partners. The Role In 2025 we are investing in improving security capabilities to our Engineering & Data group. We are looking for a security engineer to guide our engineering practices, improve security in our software delivery lifecycle, and work closely … for security incidents Requirements Experience with developing APIs and Frontend applications Experience architecting secure systems at scale Experience integrating securitytesting into the SDLC i.e. SAST, DAST, SCA Experience with vulnerability scanning and software patching at scale Experience working with at least one major cloud provider (AWS specifically is advantageous) Strong networking foundations Experience with infrastructure as More ❯
65k - £78K + bonus, benefits) We are working with a globally renowned and industry leading UK brand who are going through an exciting phase of growth across their wider Security function, resulting in the need for a DevSecOps Engineer. As a DevSecOps Engineer, you will work within a newly established team in a role that sees you provide hands … on ApplicationSecurity and DevSecOps responsibilities, as well as being involved in various strategic activities. Your duties would include setting-up, securing and enhancing pipelines, scripting and automation, as well as looking at how things are done, what improvements can be made, supporting cyber change initiatives and driving security awareness/practices as necessary. This role will … companies of a similar size, who also offer some of the best perks & benefits available! Key skills and experience required: DevSecOps experience ApplicationSecurity expertise across SAST, DAST & SCA Background and experience in Software Development/Scripting/Automation Ability to work in a fast-paced environment Ability to work on-site for key strategic/important meetings More ❯
London, South East, England, United Kingdom Hybrid / WFH Options
FOUNDATIONS EXECUTIVE SEARCH
65k - £78K + bonus, benefits) We are working with a globally renowned and industry leading UK brand who are going through an exciting phase of growth across their wider Security function, resulting in the need for a DevSecOps Engineer. As a DevSecOps Engineer, you will work within a newly established team in a role that sees you provide hands … on ApplicationSecurity and DevSecOps responsibilities, as well as being involved in various strategic activities. Your duties would include setting-up, securing and enhancing pipelines, scripting and automation, as well as looking at how things are done, what improvements can be made, supporting cyber change initiatives and driving security awareness/practices as necessary. This role will … companies of a similar size, who also offer some of the best perks & benefits available! Key skills and experience required: · DevSecOps experience · ApplicationSecurity expertise across SAST, DAST & SCA · Background and experience in Software Development/Scripting/Automation · Ability to work in a fast-paced environment · Ability to work on-site for key strategic/important meetings More ❯
opportunity to join a large-scale digital transformation programme aimed at uniting multiple internal business units under a new, secure, cloud-native digital platform. Ideal for a hands-on Security Engineer who enjoys embedding security into the development lifecycle and working with modern tooling and cloud environments. The successful Security Engineer's responsibilities will include: Analysing new … subnets, zones) Experience with API security and integration-related platforms such as Auth0 or API Gateways Proficiency with security tools including SAST (e.g. Snyk, Checkmarx), SCA, and DAST (e.g. OpenZAP, Qualys DAST) Ability to manage secure operations of large-scale software estates, including deployment pipelines, rollback strategies, and uptime monitoring Practical experience building automated security test suites … Engineering, Cybersecurity Engineer, Information Security Specialist, Salesforce, Azure, OWASP CI/CD, DSOMM, SAMM, Cloud Security Posture Management, Prisma Cloud, Azure Defender, Snyk, Checkmarx, OpenZAP, Qualys, DAST, SAST, CI/CD, Infrastructure Security, Auth0, Secure APIs, Networking Protocols, DevSecOps, Secure Development, CRM Security Next Steps Please click "Apply now" and submit your up-to-date More ❯
Bournemouth, Dorset, United Kingdom Hybrid / WFH Options
Nourish Care
Job Title: Head of Information Security Reporting To: Chief Technology Officer Location: Bournemouth/Hybrid Working Salary: Competitive Job Type: Full Time 37.5 hours a week Our Purpose Nourish Care is the UK market leader in digital social care planning. Our SaaS platform empowers care providers to deliver more transparent, coordinated, and person-centred care. With thousands of care … product, we are scaling fast and aiming even higher - our mission is simple: better care for all. About the Job We're looking for an experienced Head of Information Security to lead and scale Nourish's security strategy in a fast-paced, cloud-native, multi-product SaaS environment. You'll be responsible for safeguarding the confidentiality, integrity, and … vulnerability scanning Collaborate with Product and Engineering teams on threat modelling, penetration testing, and remediation efforts Select, implement, and manage key SaaS security tooling (e.g. SAST/DAST, SIEM, CSPM, endpoint protection, IAM) Ensure alignment with cloud-native architecture and tooling (we primarily use AWS, GitHub Actions, and Terraform) Compliance & Assurance Lead ongoing readiness and evidence for ISO More ❯
future states of the organisation and make faster, more informed decisions. The company is headquartered in London, with offices in Philadelphia, The Hague, Toronto, and Sydney. Role The Principal Security Engineer is a strategic, hands-on leader responsible for evaluating, evolving, and executing Orgvue's security engineering strategy across our entire application development and cloud-hosting estate. … Partnering closely with Information Security, Engineering, and Product teams, you will embed secure-by-design principles throughout the software-development lifecycle (SDLC), champion modern DevSecOps practices, and ensure that security is a first-class citizen in everything we build and operate. This role reports directly to the Chief Technology Officer (CTO) and maintains a dotted-line relationship with … Modeling & Risk Assessment - Conduct regular architecture and code-level reviews, drive remediation plans, and present risk posture to leadership. Tooling & Automation - Evaluate, select, and integrate security tooling (SAST, DAST, SCA, container scanners, CSPM, CWPP) and champion IaC/Terraform modules for reusable controls. Collaboration & Mentorship - Act as a trusted advisor to engineering squads, provide security training, and mentor More ❯
we're enabling the fully automated enterprise-but innovation must be secure to be transformative. That's where you come in. We're looking for a Field Chief Information Security Officer (Field CISO) to serve as a strategic security advisor to our customers and partners, guiding them through the complex landscape of compliance, governance, and secure development of … Automations and Agentic AI. You'll work at the intersection of customer success, product innovation, and cybersecurity thought leadership-translating strategic security insights into real-world impact. What you'll do Act as the primary security advisor for clients, assessing their needs, and providing strategic recommendations. Conduct security risk assessments and design tailored strategies that align with … of security frameworks (e.g., NIST, ISO 27001) and compliance standards (e.g., GDPR, HIPAA, PCI-DSS). Strong expertise in secure SDLC, and applicationsecurity tooling (SAST, DAST, SCA). Excellent communication skills with the ability to influence executive and technical stakeholders. Experience advising on or implementing security strategies in enterprise environments. Familiarity with software development practices More ❯
where you will be making an impact on the financial lives of thousands of savers. We're regulated by the Financial Conduct Authority in the UK. As a Senior Security Engineer, you will play a key role in protecting our systems, networks, and data while ensuring compliance with industry leading security standards such as ISO 27001. Your contributions … will be essential in maintaining customer trust and safeguarding critical information assets. This role sits within thePlatform Engineering Teamand requires a strong technical background, hands-on experience with security tools, and a collaborative mindset to work effectively across teams. The role will involveplatform engineering activities, contributing to the design, implementation, and optimisation of scalable infrastructure. If you're motivated … technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, antivirus solutions, encryption mechanisms, and vulnerability assessment tools. Hands-on experience in security tools (e.g., SAST, DAST, OWASP ZAP). Relevant security certifications, such as Security+, IAT II/III level, or equivalent. Strong capability in risk assessment, vulnerability management, and data informed decision-making. Solid More ❯
Worthing, Sussex, United Kingdom Hybrid / WFH Options
Equiniti
the impact of new technologies and digital services. Apply innovative thinking to deliver customer value. Communicate effectively to broad audiences. Advance own skills and manage development opportunities. Contribute to security, privacy, and ethics practices. Provide line management, guidance, coaching, and mentoring. Develop and maintain software development standards and best practices. Promote engineering excellence and quality. Optimize engineering lifecycle through … knowledge management and learning. Build talent pipelines via hiring, internal movements, and succession planning. Evaluate emerging technologies for competitive advantage. Articulate technical roadmaps and oversee platform validation. Ensure platform security, scalability, and performance, monitoring KPIs and addressing issues. … Lead multiple Agile teams in platform development and technical excellence. Technical Skills REST/WCF Services Database Design Responsive web design Web accessibility and security principles SAST and DAST tools Message queuing systems Application architecture Source control (Azure DevOps, GIT, TFSVC) CI/CD, Blue/Green deployments Azure, AWS Identity Access (AADS, Oauth, Okta) ORM tools, Umbraco More ❯