National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Lead Application Security Engineer

WeDo
Manchester
1 week ago
Applications closed

Related Jobs

View all jobs

Application Security Engineering Lead

Senior Application Security Engineer

Principal Security Engineer

Senior Security Engineer/Technical Lead 80-100%

Security Engineer - Offensive Security / Purple Team Lead

Senior IT Security Engineer

Lead Application Security Engineer / Ethical Hacker / Security Researcher


Location:Fully Remote (UK-based only)

Salary:Up to £130,000 base + Bonus

Sector:FinTech – Digital Payments / Credit Platforms


About the Company

We are partnering with a UK-based FinTech at the forefront of redefining consumer credit. With a secure, cloud-native platform and a mission to simplify the customer finance experience, this business is scaling rapidly while maintaining a deep focus on technology, security, and user trust.

With a mature DevSecOps environment and Secure SDLC already in place, this is an opportunity to join a business where security is embedded, respected, and essential.


The Role

We are seeking aLead Application Security Engineerwith a strong technical background in software and payment security. This is not a governance or compliance role. You will be responsible for identifying and addressing vulnerabilities in the company’s applications – particularly across authentication and payment processing systems – using manual techniques, ethical hacking, and creative security research.

You will operate as a subject matter expert in application security, reporting directly to the CIO and working closely with the Head of Information Security (compliance-focused). The successful candidate will also have the opportunity to shape and grow a team underneath them.


Key Responsibilities

  • Proactively identify application-level vulnerabilities across authentication, payment flows, and core transactional systems
  • Perform manual penetration testing, code reviews, and threat modelling across a modern FinTech platform
  • Collaborate with engineering teams to remediate risks and implement secure development practices
  • Take ownership of the company’s application security layer and continuously assess risk exposure
  • Act as a technical leader in all matters related to AppSec, working with architecture, development, and infrastructure teams
  • Support and improve the existing Secure SDLC and DevSecOps environment
  • Provide guidance on security in design, development, and implementation phases


Required Experience

  • Demonstrable hands-on experience inapplication security, penetration testing, or ethical hacking
  • Proven background incard payment systems, payment processing, or credit card platforms
  • Strong technical understanding of web applications, APIs, authentication, and data security
  • Ability to identify and exploit vulnerabilities manually – beyond commercial tools
  • Knowledge of OWASP Top 10, secure coding principles, and threat modelling frameworks
  • Experience working in or with high-compliance environments (e.g. PCI DSS, ISO27001)
  • Comfortable working independently in a remote-first environment
  • Right to work in the UK


Nice to Have

  • Experience working in a FinTech, payments, or digital banking environment
  • Familiarity with modern cloud environments (e.g. Azure, AWS)
  • Background in software engineering, particularly in secure coding or architecture


Interview Process

  • Initial conversation with Head of Engineering
  • Second-stage interview with the CIO
  • Final stage including a potential take-home technical exercise


What’s on Offer

  • Salary up to £130,000 base + performance bonus
  • Fully remote working (UK-based only)
  • High-impact, high-autonomy role
  • Opportunity to build and lead a growing application security function
  • Join a business with a strong engineering culture and security mindset already in place
National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

How to Get a Better Cyber Security Job After a Lay-Off or Redundancy

Redundancy is never easy—especially in a fast-moving field like cyber security, where your skills and experience are constantly evolving. But if you’ve recently been made redundant from a cyber security role, know this: the UK cyber workforce remains in high demand, and your expertise is more valuable than ever. Whether you’re a SOC analyst, penetration tester, incident responder, security architect or GRC specialist, there are still thousands of opportunities across sectors including finance, defence, government, retail, and critical infrastructure. This guide will help you turn redundancy into a career relaunch, with a clear action plan tailored to the UK cyber security job market.

Cyber Security Jobs Salary Calculator 2025: Check Your Market Value in Seconds

Why yesterday’s pay survey no longer protects you. “Could I earn more at a managed SOC?” “Is that fintech’s offer really competitive?” Every UK cyber‑security professional asks some version of those questions—usually after another colleague lands a pay rise, a recruiter sends a tempting JD, or a fresh breach makes headline news. Yet salary guides published even last year feel as out‑of‑date as a forgotten antivirus signature. Since 2024, ransomware gangs switched to double‑extortion, deepfake phishing exploded, & the EU’s NIS2/DORA regulations bled into UK contracts despite Brexit. With each shift, salary bands move. To cut through stale averages, CybersecurityJobs.tech distilled a three‑factor formula that lets you estimate a realistic 2025 salary in under a minute. Feed in your role, your UK region, & your seniority level. The output arms you with data‑driven leverage for your next appraisal, job application, or freelance rate card. This article explains the formula, reveals the forces pushing cyber pay ever higher, & outlines five practical moves to boost your market value within ninety days.

How to Present Cyber Security Solutions to Non-Technical Audiences: A Public Speaking Guide for Job Seekers

Cyber security is no longer just an IT issue—it’s a board-level priority. Whether you’re applying for a role in penetration testing, security operations, risk management, or compliance, your ability to clearly explain cyber threats and solutions to non-technical stakeholders is vital. This guide will help cyber security job seekers develop one of the most in-demand soft skills in the industry: public speaking. You’ll learn how to simplify complex concepts, structure effective presentations, use storytelling and analogies, and handle common stakeholder questions with confidence.