Enable job alerts via email!

Senior Application Security Engineer

JR United Kingdom

Bolton

Remote

GBP 60,000 - 80,000

Full time

4 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

A software supply chain company is seeking a Senior Application Security Engineer to enhance security across their platform. The role involves embedding security practices from code to production, engaging with teams to promote best practices, and addressing vulnerabilities through proactive measures. Candidates should have a strong background in software development, particularly in Python and TypeScript, and be adept in application security. This position supports remote work for applicants in the UK or Island of Ireland, promoting security as a facilitator of development.

Qualifications

Strong background in software development, especially with Python and TypeScript.
Deep knowledge of application security and hands-on experience with SAST, DAST, and RASP.
Experience with cloud security, particularly AWS.

Responsibilities

Embed security across the platform, from source to production.
Lead threat modeling and security reviews, fostering team engagement.
Perform ethical pen-testing on services and infrastructure.

Skills

Python

TypeScript

Application security

Pen testing

Threat modeling

Security tooling

Container security

API security

CI/CD pipelines

Senior Application Security Engineer, Bolton, Greater Manchester

Client:

Cloudsmith

Location:

Bolton, Greater Manchester, United Kingdom

Job Category:

Other

Job Details:

Virtual job fairs
EU work permit required: Yes
Job Views: 4
Posted: 31.05.2025
Expiry Date: 15.07.2025

Job Description:

Are you passionate about building and breaking software security barriers? Do you enjoy stopping malicious actors from compromising systems? If so, this role at a software supply chain company might be perfect for you.

This position involves securing and powering how software is delivered globally.

What you'll do:

Embed security across the platform, from source to production.
Architect security controls in cloud-native, distributed systems.
Lead threat modeling and security reviews, fostering team engagement.
Perform ethical pen-testing on services and infrastructure.
Enhance security automation and monitoring with tools like CircleCI, GitHub Actions, DataDog, AWS Security Hub, etc.
Harden container runtimes, APIs, and artifact pipelines.
Write secure code, review others' code, and promote secure coding practices.
Build tools, automate tasks, and occasionally create proof-of-concept security tools.

You need:

A background in software development, especially Python and TypeScript.
Deep knowledge of application security.
Hands-on experience with SAST, DAST, RASP, and cloud security (preferably AWS).
Strong understanding of container security, API security, IaC, and CI/CD pipelines.
Experience with pen testing, threat modeling, and security tooling.
Bonus: experience securing artifact systems or supply chains.
Bonus: familiarity with Firecracker, gVisor, SCA, or data enclaves.
A belief that security should enable development, not hinder it.
Diplomatic skills to collaborate effectively with engineering teams.

If interested, contact: rose@ninedots.io

This role is remote within the Island of Ireland or the UK. Applicants must be physically located in these areas; remote work from other countries is not permitted.

Work permit sponsorship is not available.

Note: Non-passport holders may need a work permit. For more info, see our Blog.

Applications must be submitted via the 'Apply now' button. Do not provide bank or payment details.

Created on 31/05/2025 by JR, United Kingdom

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.