Application Security Engineer / Cloud Security Engineer

Would you like to join a company rooted in technology, where you work with the latest technologies and are empowered to make a difference?

Do you enjoy working as part of an enthusiastic, passionate, and collaborative team?

Join our Internal Technology Team!

Softcat is an amazing success story and as part of our continued growth we are investing significantly more in a new technology strategy going forward. Softcat's internal Technology Team is undergoing an exciting transformation, this evolution aims to provide greater opportunities for our people's professional development and prepare us to execute our more ambitious technology strategy effectively.

• Working with cloud and development teams to create and refine standards for the setup and maintenance of applications and cloud infrastructure and assuring these are met.
• Ensuring technologies like SAST, DAST and SCA are utilized effectively. Integrate security controls into CI/CD pipelines and automate checks for secrets scanning and IaC security.
• Facilitate threat modelling sessions and security design reviews for critical applications.
• Establish and communicate metrics to help us understand effectiveness and measure improvement.
• Explore automation and AI-assisted solutions to enhance vulnerability detection and remediation workflows. Identify security vulnerabilities, devise mitigation strategies, track and address issues effectively and resolve technical debt.

• Good experience in DevOps, Application Security, Cloud Security, or Product Security roles.
• Proficiency in multiple programming languages: Python, Java, .NET, and ability to review code for security flaws.
• Strong understanding of secure coding principles and application security standards such as the OWASP Top 10.
• Hands‑on experience with AppSec tooling (SAST, DAST, SCA) and vulnerability management tools.
• Strong communication skills and ability to coach development teams.

• Preferred Certifications: CEH, CSSLP, or relevant Cloud Security certifications such as those from Microsoft.

• Working flexible hours - flexing the times you start and finish during the day.
• Flexibility around school pick up and drop offs or other caregiving responsibilities.

There is a uniqueness to Soft what we do, how we do it and why we do it. At the heart of our operations are our core values: Passion, Intelligence, Fun, Responsible and Community. These values are the pillars that guide our every action.

As one of the UK's leading IT infrastructure providers and a FTSE 250 listed company, we have built a reputation for excellence. Our strategy is simple – we believe that highly engaged employees are the key to building customer trust and loyalty over the years.

To become part of the success story, please apply now.

If you have a disability or neurodiversity, we can provide support or adjustments that you may need throughout our recruitment process or any mitigating circumstance you wish for us to consider. Any information you share on your application will be treated in confidence.

• Accident and Trauma Insurance
• Medical Insurance
• Life Insurance
• Maternity, Paternity and Adoption support
• Stock Incentive Plan
• Holiday & Travel Benefits