Lead Application Security Engineer

Anson McCade
Glasgow, United Kingdom
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
£ 90K

Job location

Glasgow, United Kingdom

Tech stack

Java
Amazon Web Services (AWS)
Azure
Basic Access Authentication
Continuous Integration
Linux
Identity and Access Management
Python
OAuth
Software Engineering
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
Cloud Platform System
Software Security
GraphQL
REST
Static Application Security Testing
Dynamic Application Security Testing

Job description

We're looking for an experienced Application Security Engineering Lead to join a dynamic team driving secure software development across the organisation. In this role, you'll design, implement, and maintain solutions that protect critical systems and sensitive information, while influencing security strategy at a senior level.

This is a hybrid role, offering flexibility to work 2 days per week in your closest site in Glasgow or Greater Manchester.

Key Responsibilities

  • Provide subject matter expertise on security systems and engineering patterns.
  • Develop protocols, algorithms, and applications to safeguard sensitive data.
  • Manage and protect secrets securely, ensuring proper generation, storage, and usage.
  • Conduct audits to monitor and assess vulnerabilities, supporting incident response.
  • Stay ahead of cryptographic advancements to enable adoption of new technologies.
  • Collaborate with developers and security teams to align solutions with business objectives and regulatory requirements.
  • Develop, implement, and maintain Identity and Access Management solutions.
  • Lead strategic initiatives, advise stakeholders, and influence cross-functional decisions.
  • Mentor and guide team members, shaping technical direction and fostering skill development.

Requirements

  • Strong knowledge of software security, including CVEs, CWEs, and common vulnerability types.
  • Hands-on experience with SAST, SCA, and DAST tools.
  • Proficiency in at least one programming language (e.g., Java, Go).
  • Experience with at least one major cloud platform (AWS, GCP, Azure).
  • REST API design and HTTP authentication.
  • Linux proficiency, including terminal usage, scripting, and automation (e.g., Shell, Python).

Highly Desirable

  • CI/CD experience.
  • Knowledge of GraphQL.
  • Familiarity with authentication systems (e.g., OAuth).

About the company

This is a chance to work at the forefront of application security, influencing technology strategy while protecting critical systems. You'll collaborate with talented colleagues, build secure software practices, and shape the future of security engineering.

Apply for this position