Senior Cloud & Apps Security Engineer - Remote

Posted on 12 August 25 by Tom Iveson

  • London
  • £80000 - £110000

Job Description

Senior Application Security Engineer (AppSec)

Location: UK REMOTE

Type: Full-time | Must be UK-based; can work remotely

Salary: £90,000 - £110,000 + Bonus + Benefits

 

 

About the Role

We’re seeking a hands-on Senior Application Security Engineer to join our growing security team. You’ll be instrumental in embedding security throughout the Software Development Life Cycle (SDLC), ensuring our applications are secure by design, default, and deployment. This role involves deep collaboration with engineering teams and a strong focus on secure code review, automation, and vulnerability management.

 

Key Responsibilities

  • Conduct detailed secure code reviews, identifying vulnerabilities and proposing fixes via pull requests.
  • Develop proof-of-concepts (PoCs) to validate and demonstrate security issues.
  • Write and maintain security-focused unit and integration tests.
  • Integrate and automate security tools (SAST, DAST, IAST) into CI/CD pipelines.
  • Lead threat modeling sessions and provide technical guidance to developers.
  • Deliver security training and awareness programs for engineering teams.
  • Reduce attack surface and conduct application security reviews (e.g., penetration testing).
  • Build and maintain real-time dashboards for vulnerability tracking and remediation.
  • Collaborate across teams including engineering, IT, compliance, and client support.

 

Essential Skills & Experience:

  • Strong programming skills in one or more languages: Python, JavaScript/TypeScript, Java, C#, Go.
  • Proven experience in secure code review, vulnerability assessment, and remediation.
  • Familiarity with CI/CD tools: GitHub Actions, GitLab CI, Jenkins, Azure DevOps.
  • Proficiency with security tools: Snyk, SonarQube, OWASP ZAP, Burp Suite, Checkmarx, Veracode.
  • Experience with security automation, including SBOM production and SCA.
  • Deep understanding of OWASP Top 10, secure coding standards, and threat modeling.
  • Strong communication skills for cross-functional collaboration and training delivery.
  • Experience with Docker security and containerized environments.
  • Knowledge of secure SDLC frameworks (e.g., Microsoft SDL, NIST SSDF).
  • Certifications such as OSCP, CSSLP, CEH, GIAC GWAPT, or AWS Cloud Practitioner.
  • Experience in cloud environments (e.g., AWS, Azure, GCP) and cloud-native security.

 

Why Apply?

  • Work with cutting-edge technologies in a dynamic, multi-domain environment.
  • Be part of a mission-driven team focused on protecting customer data and building resilient systems.
  • Opportunities for professional growth, training, and certification support.

Job Information

Rate / Salary

£80000 - £110000

Sector

IT

Category

it

Skills / Experience

it

Benefits

Not Specified

Our Reference

JOB-1233
