National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Lead Application Security Engineer

WeDo
Manchester
6 days ago
Create job alert

Title: Lead Application Security Engineer

Location: Fully Remote (UK-based)

Salary: £110,000 – £130,000 base + Bonus

Sector: FinTech / Digital Consumer Finance


We’re recruiting on behalf of aUK-based FinTechthat’s simplifying how consumers engage with credit – offering digital credit cards and financial services built on cloud-native architecture and driven by data.


They are looking to hire ahighly technical, hands-on Lead Application SecurityEngineerto take full ownership of the application security landscape – not from a policy or governance standpoint, but through deep, practical expertise in identifying and fixing vulnerabilities across live systems.


This role is perfect for awhite hat hacker mindset– someone who thrives in proactively breaking applications, exposing flaws in logic, authentication, payment processing, or APIs, and using creativity (not just tooling) to harden applications from real-world threats.


What Makes This Role Stand Out?

  • You’ll be hands-on: This is not a governance or compliance function. It’s about deep technical engagement with the codebase, systems, and application architecture.
  • You’re walking into a mature environment: The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built.
  • You’ll have impact and visibility: Reporting to theCIO, with close collaboration with theHead of Information Security(compliance), you’ll shape the AppSec strategy while also getting into the code.
  • You’ll build your own team: This role includes team growth – you’ll start as a leader and grow your own capability beneath you.


What You’ll Be Doing:

  • Actively identifying vulnerabilities in applications, especially aroundauthentication flows, payments, and sensitive data handling
  • Thinking creatively and adversarially – “breaking the app” to protect it
  • Performing penetration testing, threat modelling, and secure code reviews
  • Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline
  • Advising on product and architectural design from a security-first lens
  • Contributing to a security culture that prioritises customer trust and system integrity


What We’re Looking For:

  • Deep hands-on experiencein application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities
  • A proven background incredit cards, payments, or financial transaction systems
  • Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure)
  • Familiarity with OWASP Top 10, SAST/DAST, and a variety of pen testing techniques
  • A desire to build and lead a team, while remaining technical and practical day to day
  • Right to work in the UK and ability to work remotely from within the UK


Recruitment Process:

  1. Initial call with Head of Engineering
  2. Second stage with CIO
  3. Final conversation and potentially a take-home exercise


If you're ready to be the attacker before the attacker is, and want to lead AppSec in an ambitious and growing FinTech, we’d love to hear from you.

Related Jobs

View all jobs

Application Security Engineer

Application Security Engineer

Cloud Application Security Engineer

Product Security Engineer

Security Engineering Manager, SDO AppSec EMEA

Lead IT Security Engineer (Zscaler)

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs Careers

Return-to-Work Pathways: Relaunch Your Cyber Security Career with Returnships, Flexible & Hybrid Roles

Re-entering the workforce after a career break can feel especially challenging in a fast-moving field like cyber security. Whether you stepped away for parenting, caregiving or another life chapter, the UK’s cyber security sector now offers a range of return-to-work pathways—from structured returnships to flexible and hybrid roles. These programmes value the transferable skills and resilience you’ve developed during your break, pairing you with mentorship, upskilling opportunities and supportive networks to ease your transition back into cyber security. In this article, tailored for parents and carers, you’ll discover how to: Understand the growing demand for cyber security talent in the UK Translate your organisational, communication and problem-solving skills into cyber security roles Tackle common re-entry challenges with practical solutions Refresh your technical knowledge through targeted learning Access returnship and re-entry programmes specific to cyber security Find roles that accommodate family commitments—whether hybrid, flexible or full-time Balance your career relaunch with caring responsibilities Master applications, interviews and networking in cyber security Draw inspiration from real returner success stories Whether you aim to return as an analyst, penetration tester, security engineer or compliance specialist, this guide will equip you with the steps and resources to reignite your cyber security career.

Jobs

LinkedIn Profile Checklist for Cybersecurity Jobs: 10 Tweaks to Supercharge Recruiter Engagement

In the ever-evolving realm of cybersecurity, having a LinkedIn profile that reflects both your technical prowess and threat-hunting acumen is vital. Organisations are on the lookout for professionals skilled in penetration testing, incident response, security architecture and compliance. With hiring managers scanning dozens of profiles daily, your profile needs to not just rank in searches but convey your expertise in safeguarding digital assets. This step-by-step LinkedIn for cybersecurity jobs checklist offers ten practical tweaks to supercharge recruiter engagement. Whether you’re an aspiring security analyst, a seasoned penetration tester or a chief information security officer aiming for board-level roles, these actionable optimisations will sharpen your LinkedIn presence and position you as a top infosec candidate.

Education

Part-Time Study Routes That Lead to Cyber Security Jobs: Evening Courses, Bootcamps & Online Masters

The frequency and sophistication of cyber-attacks have exploded in recent years, making cyber security one of the UK’s most in-demand skill sets. From safeguarding NHS patient data to defending FTSE 100 financial systems, organisations across sectors require qualified professionals—penetration testers, security analysts, incident responders and security architects—to protect critical infrastructure. Yet many professionals cannot pause their careers to upskill full time. Fortunately, an ecosystem of part-time learning pathways—evening courses, intensive bootcamps and flexible online master’s programmes—enables you to learn cyber security while working. This comprehensive guide explores every route: foundational CPD, immersive bootcamps, accredited online MScs, plus funding options, planning strategies and a real-world case study. Whether you’re an IT support technician, a software developer or a compliance manager aiming to pivot into security, you’ll discover how to build expertise at your own pace.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.