Social network you want to login/join with:
Lead Application Security Engineer, high wycombe
col-narrow-left
Client:
WeDo
Location:
high wycombe, United Kingdom
Job Category:
Other
-
EU work permit required:
Yes
col-narrow-right
Job Views:
6
Posted:
26.06.2025
Expiry Date:
10.08.2025
col-wide
Job Description:
Title: Lead Application Security Engineer
Location: Fully Remote (UK-based)
Sector: FinTech / Digital Consumer Finance
We’re recruiting on behalf of a
UK-based FinTech
that’s simplifying how consumers engage with credit – offering digital credit cards and financial services built on cloud-native architecture and driven by data.
They are looking to hire a
highly technical, hands-on Lead Application Security
Engineer
to take full ownership of the application security landscape – not from a policy or governance standpoint, but through deep, practical expertise in identifying and fixing vulnerabilities across live systems.
This role is perfect for a
white hat hacker mindset
– someone who thrives in proactively breaking applications, exposing flaws in logic, authentication, payment processing, or APIs, and using creativity (not just tooling) to harden applications from real-world threats.
What Makes This Role Stand Out?
You’ll be hands-on : This is not a governance or compliance function. It’s about deep technical engagement with the codebase, systems, and application architecture.
You’re walking into a mature environment : The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built.
You’ll have impact and visibility : Reporting to the
CIO , with close collaboration with the
Head of Information Security
(compliance), you’ll shape the AppSec strategy while also getting into the code.
You’ll build your own team : This role includes team growth – you’ll start as a leader and grow your own capability beneath you.
What You’ll Be Doing:
Actively identifying vulnerabilities in applications, especially around
authentication flows, payments, and sensitive data handling
Thinking creatively and adversarially – “breaking the app” to protect it
Performing penetration testing, threat modelling, and secure code reviews
Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline
Advising on product and architectural design from a security-first lens
Contributing to a security culture that prioritises customer trust and system integrity
What We’re Looking For:
Deep hands-on experience
in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities
A proven background in
credit cards, payments, or financial transaction systems
Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure)
Familiarity with OWASP Top 10, SAST/DAST, and a variety of pen testing techniques
A desire to build and lead a team, while remaining technical and practical day to day
Right to work in the UK and ability to work remotely from within the UK
Recruitment Process:
Initial call with Head of Engineering
Second stage with CIO
Final conversation and potentially a take-home exercise
If you're ready to be the attacker before the attacker is, and want to lead AppSec in an ambitious and growing FinTech, we’d love to hear from you.
Please note that if you are NOT a passport holder of the country for the vacancy you might need a work permit.
Check our Blog for more information.
Bank or payment details should not be provided when applying for a job. Eurojobs.com is not responsible for any external website content. All applications should be made via the 'Apply now' button.
Created on 26/06/2025 by JR United Kingdom
#J-18808-Ljbffr
:quality(80))
:quality(80))
:quality(80))