SeniorApplicationSecurityEngineer

We are looking for a Senior Application Security Engineer to join our Engineering team ⭐ This is a largely autonomous, hands-on role sitting at the intersection of secure software development and cloud infrastructure security. You'll have real ownership over our security posture, working across the full engineering organisation to drive meaningful, lasting improvements, rather than just maintaining the status quo. What will you do as our Senior Application Security Engineer? Your role will span both secure software development and cloud infrastructure security 🎯 A core focus will be working hands-on with engineering teams to embed security best practices throughout the development lifecycle. This will cover input validation, authentication and authorisation, secure data handling, and protection against common attack vectors. You'll also lead security improvements within our Azure hosting environments, working closely with the DevOps Team to ensure identity, network security, encryption, and platform hardening are correctly implemented ✅ You'll own the end-to-end technical handling of vulnerabilities identified through penetration tests, automated scanning, and internal reviews, analysing findings, prioritising remediation based on risk, and either implementing fixes directly or driving resolution with the responsible teams 🤝 In parallel, you'll implement and maintain security scanning and monitoring tools across our CI/CD pipelines, improving automation for vulnerability detection and secure deployment practices 🔒 Collaboration is key as you'll provide security input into architectural decisions, new integrations, and high-impact technical initiatives. You’ll support teams with threat modelling and secure design reviews to ensure security is considered early rather than retroactively. During security incidents, you'll work closely with the Head of Tech and the Security Team to provide hands-on investigation, containment, and corrective action 🌟 ## Requirements W