Enable job alerts via email!
Senior Application Security Engineer
JR United Kingdom
Leeds
Remote
GBP 50,000 - 80,000
Full time
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Job summary
A software supply chain company is looking for a Senior Application Security Engineer in Leeds. This role offers the chance to embed security across platforms and engage in key security practices such as threat modeling and penetration testing, fostering a culture of secure coding within the engineering teams.
Qualifications
- Strong background in software development.
- Deep knowledge of application security.
- Experience with SAST, DAST, RASP, cloud security (AWS preferred).
Responsibilities
- Embed security across the platform from source to production.
- Lead threat modeling and security reviews.
- Perform penetration testing ethically on infrastructure and applications.
Skills
Job description
Social network you want to login/join with:
Client: Cloudsmith
Location: Leeds, West Yorkshire, United Kingdom
Job Category: Other
-
EU work permit required: Yes
7
07.06.2025
22.07.2025
Some people like building things. Others like breaking them. You? You love both and more importantly, you love stopping bad actors from breaking the things you helped build. If that sounds like your vibe, we’ve got a job you’ll want to see.
This job is with the software supply chain company - securing and powering how software gets delivered everywhere.
What you'll do:
- Embed security across the platform, from source to production.
- Architect security controls across distributed, cloud-native systems.
- Lead threat modeling and security reviews (and get people to enjoy them).
- Perform penetration testing services on infrastructure and applications (ethically, please).
- Extend security automation and monitoring with tools like CircleCI, GitHub Actions, DataDog, AWS Security Hub, etc.
- Harden everything from container runtimes to APIs to artifact pipelines.
- Write secure code, review others’ code, and help everyone level up their secure coding game.
- Build tools, automate boring tasks, and occasionally create a proof of concept for fun.
You need:
- A background in software development. You’re essentially a software engineer. Python proficiency is essential, and some TypeScript experience is a plus.
- Deep application security knowledge.
- Hands-on experience with SAST, DAST, RASP, and securing cloud environments (preferably AWS).
- Strong understanding of container security, API security, Infrastructure as Code (IaC), and CI/CD pipelines.
- Experience with pen testing, threat modeling, and developing security tools.
- Bonus points for experience securing artifact systems or supply chains.
- Additional bonus if familiar with Firecracker, gVisor, or advanced security tools like SCA and data enclaves.
- You believe security should enable, not block, engineering processes.
- You’re diplomatic and able to work with engineering teams to secure the Software Development Life Cycle (SDLC).
This role is remote within the UK or the Island of Ireland. You must be physically located in these areas; remote work from outside these locations is not permitted.
Work permit sponsorship is not available for this position.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Similar jobs
job faster
