Enable job alerts via email!

Senior Application Security Engineer

JR United Kingdom

Basingstoke

Remote

GBP 60,000 - 90,000

Full time

3 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

A leading software supply chain company seeks a Senior Application Security Engineer to embed security measures throughout the development lifecycle. You will be responsible for architecting security controls and leading security reviews, requiring a strong background in application security. Ideal candidates will have solid experience with pen testing, cloud security, and secure coding practices. Join a dynamic environment enabling secure software delivery while collaborating closely with engineering teams.

Qualifications

Software engineer background essential.
Deep knowledge of application security required.
Experience with SAST, DAST, RASP, and AWS preferred.

Responsibilities

Embed security across the platform from source to production.
Lead threat modeling and security reviews.
Pen-test services and infrastructure.

Skills

Python

Application Security

Threat Modeling

Pen Testing

Container Security

API Security

CI/CD

Tools

CircleCI

GitHub Actions

DataDog

AWS Security Hub

Senior Application Security Engineer, basingstoke

Client:

Cloudsmith

Location:

Job Category:

Other

EU work permit required:

Yes

Job Views:

Posted:

31.05.2025

Expiry Date:

15.07.2025

Job Description:

Some people like building things. Others like breaking them. You? You love both and more importantly, you love stopping bad actors from breaking the things you helped build. If that sounds like your vibe, we’ve got a job you’ll want to see.

This job is withthe software supply chain company - securing and powering how software gets delivered everywhere.

What you'll do:

Embed security across the platform, from source to prod.
Architect security controls across distributed, cloud-native systems.
Lead threat modeling and security reviews (and get people to enjoy them)
Pen-test services and infra (ethically, please).
Extend security automation and monitoring with tools like CircleCI, GitHub Actions, DataDog, AWS Security Hub, etc.
Harden everything from container runtimes to APIs to artifact pipelines.
Write secure code, review other people’s code, and help everyone level up their secure coding game.
Build tools, automate boring stuff, and occasionally drop a ‘sploity’ proof of concept for fun.

You need:

A background in software development. At your core, you’re a software engineer. Python for sure and a bit of TypeScript never hurt anyone.
Deep application security knowledge
Hands-on experience with SAST, DAST, RASP, and securing cloud (preferably AWS).
Strong grasp of container security, API security, IaC, and CI/CD.
You’ve done pen testing, threat modeling, and maybe even built some of your own security tools.
Big bonus if you’ve secured artifact systems or supply chains before.
Bigger bonus if you’ve worked with Firecracker, gVisor, or fancy things like SCA and data enclaves.
You believe security should enable, not block, engineering.
You’re a diplomat - you gotta work with engineering to secure the SDLC, not spook them.

If interested, get in touch on rose@ninedots.io

This job is remote on the Island of Ireland or in the UK. You need to be physically located here - you cannot work remotely from another country.

Work permit sponsorship is not available.

Please note that if you are NOT a passport holder of the country for the vacancy you might need a work permit. Check our Blog for more information.

Bank or payment details should not be provided when applying for a job. Eurojobs.com is not responsible for any external website content. All applications should be made via the 'Apply now' button.

Created on 31/05/2025 by JR United Kingdom

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.