Enable job alerts via email!

DevSecOps / Application Security Engineer

JR United Kingdom

Glasgow

Remote

GBP 60,000 - 90,000

Full time

6 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

A leading niche SaaS tech company seeks a Senior DevSecOps / Application Security Engineer in Glasgow, UK. This role involves driving security initiatives, embedding security in software delivery, and collaborating closely with development teams to enhance security posture continuously. The ideal candidate will have significant hands-on experience in AppSec, secure SDLC, and related tools.

Qualifications

5+ years in AppSec or DevSecOps with strong experience in secure SDLC and CI/CD.
Hands-on knowledge of specific security tools.
Passion for building scalable security solutions.

Responsibilities

Embed and automate security controls across CI/CD workflows.
Lead integration of SAST, DAST, SCA in DevSecOps pipelines.
Support cloud-native app security efforts across Azure and AWS.

Skills

AppSec

DevSecOps

Secure SDLC

CI/CD

Communication

Scripting Languages

Secure Coding

Cloud Security

Tools

GitHub Advanced Security

Veracode

Snyk

ZAP

Burp

Social network you want to login/join with:

DevSecOps / Application Security Engineer, Glasgow

Client:

Acumin

Location:

Glasgow, United Kingdom

Job Category:

Other

EU work permit required:

Yes

Job Views:

Posted:

06.06.2025

Expiry Date:

21.07.2025

Job Description:

Senior DevSecOps / Application Security Engineer

Location: Remote – UK or EMEA based

6 months+ Contract

Niche SaaS Tech company is seeking a Senior DevSecOps / Application Security Engineer to champion and drive their DevSecOps initiatives—shaping secure software delivery across a fast-moving, cloud-native environment. In this role, you’ll own and evolve the security tooling and automation embedded in their SDLC and CI/CD pipelines, working closely with software engineers, DevOps, and data scientists. You'll help ensure security is not a final step but an integral, continuous part of how they build and ship software.

You will:

Embed and automate security controls across CI/CD workflows
Lead the integration of SAST, DAST, SCA, and threat modeling tools in DevSecOps pipelines
Collaborate with developers to enable secure coding and privacy by design
Drive adoption of secure development standards and practices across the organization
Operate and evolve our software vulnerability management and bug bounty programs
Work cross-functionally to identify risks and improve security posture continuously
Support cloud-native app and ML security efforts across Azure and AWS
Own AppSec policies, incident response processes, and related KPIs/KRIs

Key Skills Required:

5+ years in AppSec or DevSecOps, with strong experience in secure SDLC and CI/CD
Hands-on knowledge of security tools like GitHub Advanced Security, Veracode, Snyk, ZAP, Burp
Familiarity with OWASP, MITRE, CWE, and modern development frameworks (C#, Java, Python, React)
Knowledge of scripting languages (Python, Ruby, Rust)
Excellent communication skills to bridge tech and business stakeholders
Passion for building scalable security solutions that enable teams, not slow them down

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.