Application Security Engineer

Application Security Engineer / AppSec Engineer / Cloud Security Engineer

Hybrid London (2 days in-office) | Competitive Salary + Bonus + Benefits

Are you passionate about securing cutting-edge digital platforms in a fast-moving fintech environment? We're seeking an experienced Application Security Engineer to play a vital role in safeguarding our cloud infrastructure and applications. If you have expertise in AWS security, a strong understanding of security frameworks like ISO or NIST, and the ability to drive secure coding practices, we want to hear from you!

About the Role

As an Application Security Engineer, you will be the go-to expert for ensuring secure development practices and implementing robust security controls across cloud and application environments. Working closely with DevOps and engineering teams, you will influence security strategy and ensure security is embedded at every stage of development.

Key Responsibilities:

• Perform in-depth security reviews, including secure code reviews and threat modelling.
• Develop and implement security controls to align with frameworks such as ISO 27001, NIST, and CIS benchmarks.
• Collaborate with development teams to enhance secure coding practices and strengthen CI/CD pipeline security.
• Oversee and improve cloud security in AWS, leveraging tools such as AWS Security Hub, AWS Shield, and AWS IAM.
• Manage the companys bug bounty program, working with developers to resolve vulnerabilities.
• Establish security dashboards and metrics to track application security performance.
• Support the creation of secure design patterns and centralized security libraries.
• Ensure security best practices are promoted across engineering and infrastructure teams.

What Were Looking For:

Essential Skills & Experience:

• Strong experience in AWS cloud security and related tools (e.g., AWS Shield, Security Hub, IAM).
• Knowledge of security frameworks such as ISO 27001, NIST, or CIS benchmarks.
• Experience in application security reviews, vulnerability management, and security controls implementation.
• Familiarity with OWASP Top 10, CWE, and secure coding practices.
• Proficiency in using security tools such as static and dynamic analysis tools.
• Basic coding/scripting skills in Python, JavaScript, or similar.
• Strong communication skills with the ability to engage technical and non-technical stakeholders.

Desirable Skills:

• Experience working in fintech, insurtech, or other regulated industries.
• Hands-on experience managing bug bounty programs.
• Relevant certifications such as OSCP, CISSP, or AWS Security Specialist.

Whats in It for You?

• Competitive Salary + Bonus (up to 20%).
• 25 days of annual leave plus bank holidays.
• Comprehensive benefits, including private medical and dental cover, life assurance (6x salary), and a generous pension scheme (10% employer contribution).
• Flexible hybrid working model with opportunities for career growth.
• Support for certifications and industry events to enhance your skills.
• Be part of a fast-growing fintech company where security is a top priority.

Why Join Us?

We combine innovation with robust security practices to deliver outstanding fintech solutions. As an Application Security Engineer, you will make a real impact by driving secure engineering practices, implementing security frameworks, and ensuring best-in-class protection for our customers.

Ready to take the lead in building a secure digital future? Apply now!