Senior Application Security Engineer - HandBandME

Vimdesign
London
10 months ago
Applications closed

Related Jobs

View all jobs

Senior Security Engineer

Senior Network Engineer

Network Security Architect

Senior Infrastructure Architect

Software Architect - Security Design

Senior AI Automation Engineer

Senior Application Security Engineer - HandBandME

Join to apply for theSenior Application Security Engineer - HandBandMErole atShanghai VIM Industrial Design Co., Ltd.

About The Role:

About Holland & BarrettHolland & Barrett is on a mission to make health and wellness a way of life for everyone. As part of our digital transformation, we are looking for aSenior Application Security Engineerto join ourH&B&Meteam, playing a key role in embedding security within our technology landscape. If youre passionate about application security and want to drive innovation within a forward-thinking environment, we want to hear from you!

The Role:

As aSenior Application Security Engineer, you will help define and execute Holland & Barretts application security strategy. You will work closely with development, product, and security teams to implement best practices, promote security-by-design principles, and ensure our software development lifecycle (SDLC) remains secure and efficient.

Key Responsibilities:

  • Define and implement the H&B application security strategy, ensuring security is embedded from the earliest stages of product development.
  • Establish a secure software development lifecycle (SDLC) to enable development teams to deliver faster while maintaining software integrity, authenticity, and third-party library security.
  • Conduct risk assessments, threat modelling, attack trees, and code and architecture reviews in collaboration with development teams, using findings to drive security improvements.
  • Develop and maintain security standards and guidelines, including reusable infrastructure and application code artefacts for development teams.
  • Provide expert guidance and support to development teams on secure coding practices and mitigating security risks.

Essential Requirements:

  • 5+ years of experience in application security, with at least 3+ years in software development.
  • Deep understanding of secure coding practices, threat modelling, vulnerability management, encryption, authentication, and access control.
  • Hands-on experience with AWS, Kubernetes, Service Mesh, and API Security (authentication and authorization).
  • Strong knowledge of security in CI/CD pipelines.
  • Proficiency in programming languages such as Python, Java, JavaScript, GoLang, or Rust.
  • Experience working in Agile environments (SCRUM) and managing multiple security projects.

Desired Requirements:

  • Ability to work independently, take initiative, and uphold high security standards.
  • Strong communication and collaboration skills, with the ability to engage technical and non-technical teams effectively.

If youre an experiencedApplication Security Engineerlooking for your next challenge, apply today and help shape the future of security at Holland & Barrett!

What We Offer:

  • Pension company contribution = 3%
  • Incentive scheme up to 10% of annual salary, based on company performance.
  • Your wellbeing is paramount so you can get away and take 33 Days Holiday per year.
  • Private Medical Care (Self after 1 year)
  • Learning and Development opportunity with Holland & Barrett is a great base for career development long term.
  • Career progression.
  • Refer and Earn Scheme - as were growing you can earn money by referring people to join us from your network.
  • Epic Extras gives you access to exclusive benefits, free advice and savings from a range of retailers and providers.
  • Stay healthy with Discounted Products - from day one youll get a 25% discount (on top of other promotions) when you shop at H&B on anything that you buy.
  • We all need a little help sometimes, so we offer Free 24/7 Confidential Advice & Colleague Welfare.
  • Mental Health First Aiders - we have lots of qualified Mental Health First Aiders because its all about your health & wellbeing.
  • Stay active in the Onsite Gym at our Nuneaton Hub!
  • We have colleague Reward and Recognition Schemes, so your hard work and loyalty wont go unnoticed.
  • And many more!

Were passionate about helping every colleague thrive across all dimensions of wellbeing, and were committed to having a diverse and inclusive workplace. In line with our EPIC values (Expertise, Pioneering, Inclusive, Caring), we embrace and actively celebrate all our colleagues unique and varying experiences, backgrounds, identities and cultures - I am me, we are H&B.

Holland & Barrett does not accept unsolicited resumes from search firms/recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be responsible for any fees if a candidate submitted by a search firm/recruiter unless otherwise agreed with respect to specific open position(s).

Seniority level

  • Mid-Senior level

Employment type

  • Full-time

Job function

  • Information Technology
  • Industries: Computer and Network Security

J-18808-Ljbffr

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers

How Many Cyber Security Tools Do You Need to Know to Get a Cyber Security Job?

If you are trying to build or move forward in a cyber security career, it can feel like the list of tools you are expected to know never ends. One job advert asks for SIEM platforms, another mentions penetration testing tools, another lists cloud security, threat intelligence platforms, endpoint detection, scripting languages and compliance frameworks. Scroll LinkedIn and it gets worse. Everyone seems to “know” dozens of tools, certifications and platforms. Here is the reality most cyber security hiring managers agree on: they are not hiring you because you know every tool. They are hiring you because you understand risk, can think like an attacker and a defender, follow process, communicate clearly and make good decisions under pressure. Tools matter — but only when they support those outcomes. So how many cyber security tools do you actually need to know to get a job? For most job seekers, the answer is far fewer than you think. This article explains what employers really expect, which tools are essential, which are role-specific and how to focus your learning so you look credible, not overwhelmed.

Jobs

What Hiring Managers Look for First in Cyber Security Job Applications (UK Guide)

If you want to stand out in the highly competitive world of cyber security job applications, you need to understand what hiring managers look for before they even finish reading a CV. Cyber security hiring managers scan applications quickly and with specific priorities in mind. They assess not just your technical ability, but your judgement, professionalism, clarity, risk awareness and evidence of impact. This guide explains what hiring managers look for first in cyber security applications across roles like Security Analyst, Security Engineer, Penetration Tester, Incident Responder, Security Architect, Governance Risk and Compliance specialists and Cloud Security positions. Use this as a practical, step-by-step checklist to sharpen your CV, LinkedIn profile, cover letter and portfolio before you apply on www.cybersecurityjobs.tech .

Education

The Skills Gap in Cyber Security Jobs: What Universities Aren’t Teaching

Cyber security has become one of the most critical disciplines in the modern economy. From protecting financial systems and healthcare data to securing national infrastructure, cloud platforms and supply chains, cyber security professionals now sit at the frontline of digital trust. Demand for cyber security talent in the UK has surged. Job vacancies remain high, salaries continue to rise, and organisations across every sector report difficulty hiring skilled professionals. Yet despite this demand, many graduates struggle to break into cyber security roles and employers consistently report that candidates are not job-ready. The problem is not intelligence, ambition or academic effort. It is a persistent and widening skills gap between university education and real-world cyber security work. This article explores that gap in depth: what universities teach well, what they routinely miss, why the gap exists, what employers actually want, and how jobseekers can bridge the divide to build sustainable careers in cyber security.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.