Cloud Application Security Engineer

Cloud Application Security Engineer / AppSec Engineer / Cloud Security Engineer / AWS Security

Hybrid – London (2 days in-office) | Competitive Salary + Bonus + Benefits

Are you passionate about securing cutting-edge digital platforms in a fast-moving fintech environment? We're seeking an experienced Cloud Application Security Engineer to play a vital role in safeguarding our cloud infrastructure and applications. If you have expertise in AWS security, secure coding, Service Mesh / Observability, IAM / Okta, threat modelling and a strong understanding of security frameworks like ISO27001, OWASP or NIST, and the ability to drive secure coding practices, SAST and DAST, we want to hear from you!

About the Role

As a Cloud Application Security Engineer, you will be the go-to expert for ensuring secure development practices and implementing robust security controls across cloud and application environments. Working closely with DevOps and engineering teams, you will influence security strategy and ensure security is embedded at every stage of development.

Key Responsibilities:

• Perform in-depth security reviews, including secure code reviews and threat modelling.
• Develop and implement security controls to align with frameworks such as ISO 27001, NIST, and CIS benchmarks.
• Collaborate with development teams to enhance secure coding practices and strengthen CI/CD pipeline security.
• Oversee and improve cloud security in AWS, leveraging tools such as AWS Security Hub, AWS Shield, and AWS IAM.
• Manage the company’s bug bounty program, working with developers to resolve vulnerabilities.
• Establish security dashboards and metrics to track application security performance.
• Support the creation of secure design patterns and centralized security libraries.
• Ensure security best practices are promoted across engineering and infrastructure teams.

What We’re Looking For:

Essential Skills & Experience:

• Strong experience in AWS cloud security and related tools (e.g., AWS Shield, Security Hub, IAM).
• Strong expertise on cloud security on AWS and observability, including expertise on service mesh - and ideally hands on experience on IAM via Okta.
• Demonstrable experience of supporting on security using more broad controls.
• A strong understanding of vulnerability identification and exploitation techniques and proficiency in using security tools such as SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing)

• Knowledge of security frameworks such as ISO 27001, NIST, or CIS benchmarks.
• Experience in application security reviews, vulnerability management, and security controls implementation.
• Familiarity with OWASP Top 10, CWE, and secure coding practices.
• Basic coding/scripting skills in Python, JavaScript, or similar.
• Strong communication skills with the ability to engage technical and non-technical stakeholders.

Desirable Skills:

• Experience working in fintech, insurtech, or other regulated industries.
• Hands-on experience managing bug bounty programs.
• Relevant certifications such as OSCP, CISSP, or AWS Security Specialist.

What’s in It for You?

• Competitive Salary + Bonus (up to 20%).
• 25 days of annual leave plus bank holidays.
• Comprehensive benefits, including private medical and dental cover, life assurance (6x salary), and a generous pension scheme (10% employer contribution).
• Flexible hybrid working model with opportunities for career growth.
• Support for certifications and industry events to enhance your skills.
• Be part of a fast-growing fintech company where security is a top priority.

Why Join Us?

We combine innovation with robust security practices to deliver outstanding fintech solutions. As a Cloud Application Security Engineer, you’ll make a real impact by driving secure engineering practices, implementing security frameworks, and ensuring best-in-class protection for our customers.

Ready to take the lead in building a secure digital future? Apply now!