Senior Application Security Engineer

At Holland & Barrett, cybersecurity is at the heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for aSenior Application Security Engineerto lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If you are passionate about cybersecurity and eager to make a real impact, we want you on our team!

Key Responsibilities:

• 
  
• Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development.
  
• Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management.
  
• Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls.
  
• Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams.
  
• Team Support: Provide guidance and support to development teams on secure software production practices and flaw mitigation strategies.
  

Essential:

• 
  
• 5+ years of experience in application security, with at least 3+ years in software development.
  
• Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms.
  
• Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization).
  
• Proficiency in programming languages such as Python, Java, JavaScript, GoLang, and Rust.
  
• Familiarity with Agile methodologies like SCRUM, along with proven project management skills to oversee multiple security projects simultaneously.
  

Desired:

• 
  
• Independent, proactive, and detail-oriented, with a commitment to maintaining high security standards.
  
• Strong communication and interpersonal skills, facilitating effective collaboration with both technical and non-technical teams.
  

• 
  
• Pension company contribution = 3%
  
• Incentive scheme up to 10% of annual salary, based on company performance.
  
• Your wellbeing is paramount so you can get away and take33 Days Holiday per year.
  
• Private Medical Care(Self after 1 year)
  
• Learning and Development opportunitywith Holland & Barrett is a great base for career development long term.
  
• Career progression.
  
• Refer and Earn Scheme- as we're growing you can earn money by referring people to join us from your network.
  
• Epic Extrasgives you access to exclusive benefits, free advice and savings from a range of retailers and providers.
  
• Stay healthy with Discounted Products- from day one you'll get a 25% discount (on top of other promotions) when you shop at H&B on anything that you buy.
  
• We all need a little help sometimes, so weofferFree 24/7 Confidential Advice & Colleague Welfare.
  
• Mental Health First Aiders- we have lots of qualified Mental Health First Aiders because its all about your health & wellbeing.
  
• Stay active in theOnsite Gymat our Nuneaton Hub!
  
• We havecolleague Reward and Recognition Schemes, so your hard work and loyalty won't go unnoticed.
  
• And many more!
  

We're passionate about helping every colleague thrive across all dimensions of wellbeing, and we're committed to having a diverse and inclusive workplace. In line with our EPIC values (Expertise, Pioneering, Inclusive, Caring), we embrace and actively celebrate all our colleagues' unique and varying experiences, backgrounds, identities and cultures - I am me, we are H&B. 

Holland & Barrettdoes not accept unsolicited resumes from search firms/recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be responsible for any fees if a candidate submitted by a search firm/recruiter unless otherwise agreed with respect to specific open position(s).