DevSecOps / Application Security Engineer

Social network you want to login/join with:

col-narrow-left

Acumin

Cardiff, United Kingdom

Other

-

Yes

col-narrow-right

3

06.06.2025

21.07.2025

col-wide

Senior DevSecOps / Application Security Engineer

Location: Remote – UK or EMEA based

6 months+ Contract

Niche SaaS Tech company is seeking a Senior DevSecOps / Application Security Engineer to champion and drive their DevSecOps initiatives—shaping secure software delivery across a fast-moving, cloud-native environment. In this role, you will own and evolve security tooling and automation embedded in their SDLC and CI/CD pipelines, working closely with software engineers, DevOps, and data scientists. You will help ensure security is an integral, continuous part of how they build and ship software.

You will:

• Embed and automate security controls across CI/CD workflows
• Lead the integration of SAST, DAST, SCA, and threat modeling tools in DevSecOps pipelines
• Collaborate with developers to enable secure coding and privacy by design
• Drive adoption of secure development standards and practices across the organization
• Operate and evolve software vulnerability management and bug bounty programs
• Work cross-functionally to identify risks and improve security posture continuously
• Support cloud-native app and ML security efforts across Azure and AWS
• Own AppSec policies, incident response processes, and related KPIs/KRIs

Key Skills Required:

• 5+ years in Application Security or DevSecOps, with strong experience in secure SDLC and CI/CD
• Hands-on knowledge of security tools like GitHub Advanced Security, Veracode, Snyk, ZAP, Burp
• Familiarity with OWASP, MITRE, CWE, and modern development frameworks (C#, Java, Python, React)
• Knowledge of scripting languages (Python, Ruby, Rust)
• Excellent communication skills to bridge technical and business stakeholders
• Passion for building scalable security solutions that enable teams, not slow them down