Senior Application Security Engineer

About the Role:

At Holland & Barrett, cybersecurity is at the heart of our digital transformation. As we continue to grow and innovate, securing our applications and protecting customer data is a top priority. We are looking for a Senior Application Security Engineer to lead our efforts in strengthening application security, mitigating risks, and ensuring best-in-class security practices. If you are passionate about cybersecurity and eager to make a real impact, we want you on our team!

Key Responsibilities:

• Security Strategy: Help define and execute the Holland & Barrett application security strategy. Collaborate with both tech and non-tech teams to integrate security principles into the early stages of product design and development.
• Secure SLDC: Establish a secure Software Development Lifecycle (SDLC) that enables development teams to deliver high-quality applications quickly while implementing essential controls for software integrity, authenticity, and third-party library management.
• Risk Assessments: Conduct risk assessments, threat modeling, and architecture reviews alongside development teams, producing artifacts to drive the implementation of effective security controls.
• Standards Development: Own the creation and maintenance of tailored security standards and guidelines, developing reusable resources for various development teams.
• Team Support: Provide guidance and support to development teams on secure software production practices and flaw mitigation strategies.

Key Requirements:

Essential:

• 5+ years of experience in application security, with at least 3+ years in software development.
• Strong understanding of application security concepts, including secure coding practices, threat modeling, vulnerability management, and access control mechanisms.
• Experience with AWS, Kubernetes, Service Mesh, and API Security (including authentication and authorization).
• Proficiency in programming languages such as Python, Java, JavaScript, GoLang, and Rust.
• Familiarity with Agile methodologies like SCRUM, along with proven project management skills to oversee multiple security projects simultaneously.

Desired:

• Independent, proactive, and detail-oriented, with a commitment to maintaining high security standards.
• Strong communication and interpersonal skills, facilitating effective collaboration with both technical and non-technical teams.

What we offer:

• Pension company contribution = 3%
• Incentive scheme up to 10% of annual salary, based on company performance.
• Your wellbeing is paramount so you can get away and take 33 Days Holiday per year.
• Private Medical Care (Self after 1 year)
• Learning and Development opportunity with Holland & Barrett is a great base for career development long term.
• Career progression.
• Refer and Earn Scheme - as we're growing you can earn money by referring people to join us from your network.
• Epic Extras gives you access to exclusive benefits, free advice and savings from a range of retailers and providers.
• Stay healthy with Discounted Products - from day one you'll get a 25% discount (on top of other promotions) when you shop at H&B on anything that you buy.
• We all need a little help sometimes, so we offer Free 24/7 Confidential Advice & Colleague Welfare.
• Mental Health First Aiders - we have lots of qualified Mental Health First Aiders because its all about your health & wellbeing.
• Stay active in the Onsite Gym at our Nuneaton Hub!
• We have colleague Reward and Recognition Schemes, so your hard work and loyalty won't go unnoticed.
• And many more!

We're passionate about helping every colleague thrive across all dimensions of wellbeing, and we're committed to having a diverse and inclusive workplace. In line with our EPIC values (Expertise, Pioneering, Inclusive, Caring), we embrace and actively celebrate all our colleagues' unique and varying experiences, backgrounds, identities and cultures - I am me, we are H&B.


Holland & Barrett does not accept unsolicited resumes from search firms/recruiters. Please do not forward resumes to our job alias, employees, or any other company location. Holland & Barrett is not and will not be responsible for any fees if a candidate submitted by a search firm/recruiter unless otherwise agreed with respect to specific open position(s).