Senior Application Security Engineer - DevSecOps & Cloud Security

An opportunity has arisen for a Senior Application Security Engineer to join a well-established health research organisation and charity that supports large-scale medical research to improve disease prevention, diagnosis and treatment.

As a Senior Application Security Engineer, you will play a key part in integrating security throughout the software development lifecycle, working alongside engineering and cloud teams to build, improve and maintain secure applications, platforms and deployment processes.

This is not a traditional vulnerability management role, it is a hands-on Application Security role centred on secure design, CI/CD security, cloud-native technologies, Kubernetes, API security, code analysis, security-as-code and supporting development teams to build secure applications.

This is a full-time permanent role, working on a hybrid basis with a Central London office location, offering a salary from £70,000 per annum and an excellent benefits package.

Visa sponsorship is not available.

You will be responsible for

? Working closely with engineering and architecture teams to promote secure development from the earliest stages of delivery.
? Implementing and maintaining application security testing solutions, enabling developers to identify and remediate security risks.
? Enhancing secure development processes by integrating security controls throughout CI/CD pipelines.
? Strengthening the security of GitHub Actions and comparable continuous integration and deployment platforms.
? Providing technical guidance on secure API design and protecting externally accessible systems.
? Supporting the security of Azure cloud infrastructure, including Azure Kubernetes Service (AKS).
? Assisting with the protection of cloud-hosted data platforms and associated technologies.
? Developing and maintaining security-as-code and policy-as-code using appropriate tooling.
? Automating security processes through infrastructure-as-code and scripting techno