National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Lead Application Security Engineer

JR United Kingdom
Brighton
2 weeks ago
Applications closed

Related Jobs

View all jobs

Lead Application Security Engineer

Senior Application Security Engineer

Senior Application Security Engineer @ IAG Loyalty

Senior Application Security Engineer

Application Security Engineering Lead | Glasgow, UK

Application Security Engineering Lead

Social network you want to login/join with:
Lead Application Security Engineer, brighton col-narrow-left
Client: WeDo
Location: brighton, United Kingdom
Job Category: Other
-
EU work permit required: Yes
col-narrow-right
Job Views: 5
Posted: 26.06.2025
Expiry Date: 10.08.2025
col-wide
Job Description: Title: Lead Application Security Engineer
Location: Fully Remote (UK-based)
Sector: FinTech / Digital Consumer Finance
We’re recruiting on behalf of a UK-based FinTech that’s simplifying how consumers engage with credit – offering digital credit cards and financial services built on cloud-native architecture and driven by data.
They are looking to hire a highly technical, hands-on Lead Application Security Engineer to take full ownership of the application security landscape – not from a policy or governance standpoint, but through deep, practical expertise in identifying and fixing vulnerabilities across live systems.
This role is perfect for a white hat hacker mindset – someone who thrives in proactively breaking applications, exposing flaws in logic, authentication, payment processing, or APIs, and using creativity (not just tooling) to harden applications from real-world threats.
What Makes This Role Stand Out?
You’ll be hands-on : This is not a governance or compliance function. It’s about deep technical engagement with the codebase, systems, and application architecture.
You’re walking into a mature environment : The company already has Secure SDLC and DevSecOps practices in place. This isn’t a ground-up build – it’s about stress-testing and strengthening what’s already built.
You’ll have impact and visibility : Reporting to the CIO , with close collaboration with the Head of Information Security (compliance), you’ll shape the AppSec strategy while also getting into the code.
You’ll build your own team : This role includes team growth – you’ll start as a leader and grow your own capability beneath you.
What You’ll Be Doing:
Actively identifying vulnerabilities in applications, especially around authentication flows, payments, and sensitive data handling
Thinking creatively and adversarially – “breaking the app” to protect it
Performing penetration testing, threat modelling, and secure code reviews
Working directly with developers to integrate security best practices into an already-operational DevSecOps pipeline
Advising on product and architectural design from a security-first lens
Contributing to a security culture that prioritises customer trust and system integrity
What We’re Looking For:
Deep hands-on experience in application security – not just theory, but experience in secure coding, manual testing, and fixing complex vulnerabilities
A proven background in credit cards, payments, or financial transaction systems
Understanding of modern application architectures (APIs, microservices, cloud platforms – likely Azure)
Familiarity with OWASP Top 10, SAST/DAST, and a variety of pen testing techniques
A desire to build and lead a team, while remaining technical and practical day to day
Right to work in the UK and ability to work remotely from within the UK
Recruitment Process:
Initial call with Head of Engineering
Second stage with CIO
Final conversation and potentially a take-home exercise
If you're ready to be the attacker before the attacker is, and want to lead AppSec in an ambitious and growing FinTech, we’d love to hear from you.

#J-18808-Ljbffr

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Cyber Security Jobs Skills Radar 2026: Emerging Frameworks, Tools & Certifications to Learn Now

Cyber threats are evolving—and so must the people defending against them. As ransomware, AI-enhanced phishing, and supply chain attacks grow more advanced, UK employers are urgently hiring cyber security professionals with the right mix of strategic and hands-on skills. Welcome to the Cyber Security Jobs Skills Radar 2026, your go-to guide for the most in-demand tools, frameworks, certifications, and technologies shaping the UK's cyber workforce. Whether you're a SOC analyst, penetration tester, or cloud security architect, this annual radar is designed to help you stay ahead of the market.

How to Find Hidden Cyber Security Jobs in the UK Using Professional Bodies like BCS, CIISec & More

The demand for skilled cyber security professionals in the UK has never been higher. With threats increasing in sophistication and frequency, organisations are urgently hiring ethical hackers, threat analysts, GRC specialists, and security architects. But many of the most valuable roles—particularly in government, defence, and critical infrastructure—are never publicly advertised. Instead, these jobs are shared behind the scenes through trusted networks, private communities, and professional bodies. In this article, we explore how to uncover hidden cyber security jobs in the UK using organisations like the BCS (The Chartered Institute for IT), CIISec (The Chartered Institute of Information Security), ISACA, and ISC² UK Chapter. We’ll show you how to use membership directories, special interest groups, CPD events and informal networks to gain early access to roles most people never see.

How to Get a Better Cyber Security Job After a Lay-Off or Redundancy

Redundancy is never easy—especially in a fast-moving field like cyber security, where your skills and experience are constantly evolving. But if you’ve recently been made redundant from a cyber security role, know this: the UK cyber workforce remains in high demand, and your expertise is more valuable than ever. Whether you’re a SOC analyst, penetration tester, incident responder, security architect or GRC specialist, there are still thousands of opportunities across sectors including finance, defence, government, retail, and critical infrastructure. This guide will help you turn redundancy into a career relaunch, with a clear action plan tailored to the UK cyber security job market.