Application Security Engineer, AppSec

AND Digital

full-time

Posted on: 9/4/2025

Origin: • 🇬🇧 United Kingdom

✨ AI Apply

Mid-LevelSenior

SDLC

About the role

Join SecOps team responsible for maintaining Security Champion programme, responding to security threats and incidents, and improving overall security posture
Take ownership of security for core technical applications including GitLab, Jira, Confluence, and internally built services
Aid preparation for and contribute to internal and external audits, particularly ISO:27001
Develop and maintain content and training materials for Security Champion programme and provide guidance to development teams
Contribute to creation, distribution, and continuous improvement of internal security policies and processes
Identify, triage, and manage vulnerabilities across application landscape and work with engineering teams to ensure timely remediation
Drive change, continuously develop skills, and support business platform security improvements

Minimum of three years of hands-on experience in Application Security or similar technical security-focused role (SAST, SCA, DAST, IaC etc)
Strong understanding of application security concepts, secure development lifecycles (SDLC), and common vulnerabilities and attack vectors (e.g., OWASP Top 10)
Experience with a range of security tools and technologies
Familiarity with compliance frameworks, particularly ISO:27001 (highly desirable)
Excellent communication skills; able to articulate technical security concepts to technical and non-technical audiences
Open to diverse backgrounds; self-starter with proactive mindset
Eagerness to learn, willingness to coach and mentor others, collaborative and strong problem-solving skills