Application Security Specialist (DevOps)

Hybrid – Cambridge, UK (1 day a week in office)

We’re looking for an experienced Application Security Specialist to join a growing cyber security team and play a key role in shaping a world-class application security programme.

This role will give you the chance to work closely with engineering and development teams, embedding security into the development lifecycle, driving automation, and influencing remediation plans that have real impact.

What you’ll be doing

Guiding teams on security best practices, compliance, and secure coding.

Collaborating with architects and developers to review designs and code for vulnerabilities.

Embedding/improving threat modelling and secure development practices into the SDLC.

Designing and integrating security testing plans.

Performing and overseeing application security testing and driving remediation.

Managing end-to-end vulnerability workflows, including bug bounty findings.

Supporting incident response activities when needed.

Monitoring and reporting on application security metrics, KPIs, and emerging threats.

Automating processes for vulnerability detection and integrating tools into the pipeline.

Note: this position includes participation in an on-call rotation.

What we’re looking for

3+ years in software engineering plus 2+ years in application security.

Strong knowledge of OWASP, application v...