Senior Application Security Engineer

Job Title: Senior Application Security EngineerSalary: £70,000Location: Reading/remoteAbout the Organisation

Join a fast-growing UK technology and consulting firm that's investing heavily in cutting-edge cyber security. With a strong focus on innovation, collaboration, and professional development, this company empowers its people to shape the future of secure digital transformation across a wide range of industries.You'll be part of a business that values expertise, agility, and doing the right thing - where everyone has the opportunity to make a genuine impact.About the Role

The Senior Application Security Engineer will play a key role in protecting the organisation's infrastructure, cloud platforms, and applications. Working within a highly technical and collaborative cyber team - supported by a 24/7 external SOC - you'll research, test, and implement next-generation security solutions to safeguard data and systems.

This role offers the chance to lead on application and cloud security initiatives, influence secure design standards, and mentor colleagues in best practices.Key Responsibilities

• Lead application and cloud security initiatives, ensuring systems and software are secure by design.
• Drive vulnerability management and implement a risk-based approach across the technology stack.
• Perform security testing (SAST, DAST, SCA) and work with developers to remediate findings.
• Support cloud security controls (primarily Azure, including cloud-native apps).
• Champion secure development, threat modelling, and DevSecOps integration.
• Research emerging threats and recommend proactive mitigations.
• Provide mentoring, training, and security awareness support to internal teams.

• Strong hands-on experience in application and cloud security engineering.
• Deep understanding of web app vulnerabilities (OWASP Top 10, CWE) and secure coding practices.
• Proficiency with security testing tools and vulnerability management platforms.
• Broad knowledge of network and infrastructure security concepts (WAFs, ACLs, VPNs, etc.).
• Familiarity with security frameworks and principles such as Zero Trust and risk-based security.
• Relevant certifications such as CISSP, CompTIA Security+, GIAC, or equivalent.
• Excellent documentation, communication, and stakeholder collaboration skills.

Desirable

• Background in threat modelling or secure software design.
• Knowledge of ISO27001, Cyber Essentials Plus, or cloud security certifications.
• Experience in large-scale or regulated environments.

• Competitive salary with annual bonus potential.
• 25 days holiday (plus flexible bank holidays and holiday trading).
• Excellent pension scheme with matched contributions.
• Healthcare cash plan and wellbeing support.
• Access to digital GP and employee assistance programme.
• Volunteering days, referral bonuses, and retail discounts.
• A flexible, inclusive, and forward-thinking workplace culture.

This is an opportunity to be at the forefront of modern application security - influencing strategy, shaping solutions, and working in a team that truly values your expertise.