Cloud Application Security Engineer

ZipRecruiter

London

1 week ago

Create job alert

Job Description
Cloud Application Security Engineer / AppSec Engineer / Cloud Security Engineer / AWS Security
Hybrid – London (2 days in-office) | Competitive Salary + Bonus + Benefits
Are you passionate about securing cutting-edge digital platforms in a fast-moving fintech environment? We're seeking an experienced Cloud Application Security Engineer to play a vital role in safeguarding our cloud infrastructure and applications. If you have expertise in AWS security, secure coding, Service Mesh / Observability, IAM / Okta, threat modelling and a strong understanding of security frameworks like ISO27001, OWASP or NIST, and the ability to drive secure coding practices, SAST and DAST, we want to hear from you!
About the Role
As a Cloud Application Security Engineer, you will be the go-to expert for ensuring secure development practices and implementing robust security controls across cloud and application environments. Working closely with DevOps and engineering teams, you will influence security strategy and ensure security is embedded at every stage of development.
Key Responsibilities:
Perform in-depth security reviews, including secure code reviews and threat modelling.
Develop and implement security controls to align with frameworks such as ISO 27001, NIST, and CIS benchmarks.
Collaborate with development teams to enhance secure coding practices and strengthen CI/CD pipeline security.
Oversee and improve cloud security in AWS, leveraging tools such as AWS Security Hub, AWS Shield, and AWS IAM.
Manage the company’s bug bounty program, working with developers to resolve vulnerabilities.
Establish security dashboards and metrics to track application security performance.
Support the creation of secure design patterns and centralized security libraries.
Ensure security best practices are promoted across engineering and infrastructure teams.
What We’re Looking For:
Essential Skills & Experience:
Strong experience in AWS cloud security and related tools (e.g., AWS Shield, Security Hub, IAM).
Strong expertise on cloud security on AWS and observability, including expertise on service mesh - and ideally hands on experience on IAM via Okta.
Demonstrable experience of supporting on security using more broad controls.
A strong understanding of vulnerability identification and exploitation techniques and proficiency in using security tools such as SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing)
Knowledge of security frameworks such as ISO 27001, NIST, or CIS benchmarks.
Experience in application security reviews, vulnerability management, and security controls implementation.
Familiarity with OWASP Top 10, CWE, and secure coding practices.
Basic coding/scripting skills in Python, JavaScript, or similar.
Strong communication skills with the ability to engage technical and non-technical stakeholders.
Desirable Skills:
Experience working in fintech, insurtech, or other regulated industries.
Hands-on experience managing bug bounty programs.
Relevant certifications such as OSCP, CISSP, or AWS Security Specialist.
What’s in It for You?
Competitive Salary + Bonus (up to 20%).
25 days of annual leave plus bank holidays.
Comprehensive benefits, including private medical and dental cover, life assurance (6x salary), and a generous pension scheme (10% employer contribution).
Flexible hybrid working model with opportunities for career growth.
Support for certifications and industry events to enhance your skills.
Be part of a fast-growing fintech company where security is a top priority.
Why Join Us?
We combine innovation with robust security practices to deliver outstanding fintech solutions. As a Cloud Application Security Engineer, you’ll make a real impact by driving secure engineering practices, implementing security frameworks, and ensuring best-in-class protection for our customers.
Ready to take the lead in building a secure digital future? Apply now!

#J-18808-Ljbffr

Related Jobs

View all jobs

Cloud Security Engineer

Lead Application Security Engineer

DevSecOps / Application Security Engineer

Senior IT Security Engineer

Cyber Security Engineer

Information Security Engineer

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jun 24, 2025

Jobs Careers

Return-to-Work Pathways: Relaunch Your Cyber Security Career with Returnships, Flexible & Hybrid Roles

Re-entering the workforce after a career break can feel especially challenging in a fast-moving field like cyber security. Whether you stepped away for parenting, caregiving or another life chapter, the UK’s cyber security sector now offers a range of return-to-work pathways—from structured returnships to flexible and hybrid roles. These programmes value the transferable skills and resilience you’ve developed during your break, pairing you with mentorship, upskilling opportunities and supportive networks to ease your transition back into cyber security. In this article, tailored for parents and carers, you’ll discover how to: Understand the growing demand for cyber security talent in the UK Translate your organisational, communication and problem-solving skills into cyber security roles Tackle common re-entry challenges with practical solutions Refresh your technical knowledge through targeted learning Access returnship and re-entry programmes specific to cyber security Find roles that accommodate family commitments—whether hybrid, flexible or full-time Balance your career relaunch with caring responsibilities Master applications, interviews and networking in cyber security Draw inspiration from real returner success stories Whether you aim to return as an analyst, penetration tester, security engineer or compliance specialist, this guide will equip you with the steps and resources to reignite your cyber security career.

Jun 17, 2025

Jobs

LinkedIn Profile Checklist for Cybersecurity Jobs: 10 Tweaks to Supercharge Recruiter Engagement

In the ever-evolving realm of cybersecurity, having a LinkedIn profile that reflects both your technical prowess and threat-hunting acumen is vital. Organisations are on the lookout for professionals skilled in penetration testing, incident response, security architecture and compliance. With hiring managers scanning dozens of profiles daily, your profile needs to not just rank in searches but convey your expertise in safeguarding digital assets. This step-by-step LinkedIn for cybersecurity jobs checklist offers ten practical tweaks to supercharge recruiter engagement. Whether you’re an aspiring security analyst, a seasoned penetration tester or a chief information security officer aiming for board-level roles, these actionable optimisations will sharpen your LinkedIn presence and position you as a top infosec candidate.

Jun 16, 2025

Education

Part-Time Study Routes That Lead to Cyber Security Jobs: Evening Courses, Bootcamps & Online Masters

The frequency and sophistication of cyber-attacks have exploded in recent years, making cyber security one of the UK’s most in-demand skill sets. From safeguarding NHS patient data to defending FTSE 100 financial systems, organisations across sectors require qualified professionals—penetration testers, security analysts, incident responders and security architects—to protect critical infrastructure. Yet many professionals cannot pause their careers to upskill full time. Fortunately, an ecosystem of part-time learning pathways—evening courses, intensive bootcamps and flexible online master’s programmes—enables you to learn cyber security while working. This comprehensive guide explores every route: foundational CPD, immersive bootcamps, accredited online MScs, plus funding options, planning strategies and a real-world case study. Whether you’re an IT support technician, a software developer or a compliance manager aiming to pivot into security, you’ll discover how to build expertise at your own pace.