Application Security Engineer – London (Hybrid) - £80,000 - £100,000 + Bonus + Benefits
Locke & McCloud are seeking an experienced Application Security Engineer to join our client, a forward-thinking organisation dedicated to securing their software and digital assets. As the company embarks on a phase of expansion and technological growth, application security is being prioritised as a key component of their strategy. In this role, you will be instrumental in protecting the organisation's applications by leading the design and implementation of comprehensive security measures. Your primary responsibilities will include ensuring adherence to security standards, guiding secure development practices, and fostering a culture of security throughout the organisation.
Main Responsibilities:
- Join our Security Engineering team to design, implement, and maintain key security services. Engage directly with stakeholders to create secure, user-friendly solutions.
- Leverage your expertise with major cloud platforms (IaaS, PaaS, Serverless, SaaS) on AWS and/or Azure. Work closely with engineering teams to ensure secure product delivery and review system architectures.
- Enforce secure coding practices, integrate security into the software development lifecycle, and manage security tools for continuous monitoring. Conduct security training for development teams and use threat modelling to highlight security measures.
- Implement policy-as-code and support secure practices using Infrastructure as Code, Containers, and CI/CD. Communicate the benefits of security controls and support developers with secure development tools and practices.
To be considered for this role, you should have:
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
- Over 3 years of experience in application security, software engineering, or a related domain.
- Comprehensive understanding of web application security best practices and frameworks, including OWASP Top 10.
- Practical experience with various security assessment methods, including static and dynamic analysis, manual code review, and penetration testing.
- Proficient in programming languages commonly used in web development, such as JavaScript, Python, Java, Ruby, or Go.
- Experience with cloud platforms (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes).
- Hands-on experience with CI/CD pipelines and integrating security into the software development lifecycle.
- Familiarity with threat modeling, secure software design, and vulnerability management.
- Excellent communication and collaboration skills, with a track record of working effectively with cross-functional teams.
Our client offers a great working environment with various progression plans to suite your career goals, in addition to a generous benefits package including a 10% bonus, family private healthcare, a generous pension scheme, 25 days of annual leave, share options, flexible working options, and more.
If this role is of interest, please apply or reach out to Jacob – 07893921057 /[email protected]
Locke & McCloud are the UK’s leading cyber security & information security staffing company – through having a sole focus on the cyber & information security space we have been able to foster solid relationships with some of the UK’s most exciting cyber security consultancies & end users. Our focus on the information security space allows us to be able to help you find the most exciting.