Security Engineer
Hybrid
London, United Kingdom
£ 130,000 / year
Full Time
18-03-2025
Job Specifications
Senior Application Security Engineer - Azure, Kubernetes, Terraform - £100,000 - £130,000
A leading provider of regulated digital asset custody services for institutional clients, ensuring the secure storage and management of cryptocurrencies and other digital assets, is seeking a Senior Application Security Engineer. You'll be pivotal in securing their platform and applications throughout their lifecycle.
As a Senior Application Security Engineer, you'll shape how they secure and design services in collaboration with developers, product owners, and business stakeholders, embedding security across the Software Development Lifecycle and business operations. You'll bring a detailed understanding of secure software design, cloud security, and threat/risk management, maintaining a secure and reliable platform.
The Senior Application Security Engineer responsibilities:
Secure the platform and applications throughout their lifecycle.
Deliver secure foundations for a cloud-first platform built on Microsoft Azure and Kubernetes.
Collaborate with developers, product owners, and stakeholders to embed security across the SDLC.
Maintain and build effective controls for SOC2 and ISO 27001 compliance, including incident and vulnerability management.
Secure configuration of cloud platforms and shift left security controls.
Translate technical topics to a broad range of stakeholders.
Work on Infrastructure as Code, CI/CD, git, and perform code reviews and threat modelling.
The ideal Senior Application Security Engineer will have experience in:
Minimum 5 years in application security, product security, or a related field, with a focus on application and cloud security.
Experience with Microsoft Azure, Kubernetes, Terraform, CI/CD, Java, and Python.
Expertise in threat modelling, cloud security, secure coding, and penetration testing.
Experience working in regulated environments and implementing security controls aligned with SOC2, SOC1, and ISO27001.
Integrating security into the SDLC, managing vulnerabilities, and tuning security controls like WAFs.
Strong collaboration and communication skills.
Nice to have:
SANS Cloud Security certification or similar.
Knowledge in blockchain, Kubernetes, and DevSecOps practices.
If you're a skilled Senior Application Security Engineer seeking a challenging role in a dynamic, regulated digital asset environment, please apply.
Senior Application Security Engineer - Azure, Kubernetes, Terraform - £100,000 - £130,000
About the Company
Established back in 2004, Burns Sheehan is a specialist technology recruitment agency based in London & Manchester. We partner with growing organisations with a compelling story to tell and connect them with world class tech talent across the UK and Europe, creating industry-leading teams across Software Engineering, Product & Delivery, Platform Engineering & Infrastructure, Data, C-Suite & Leadership. Whether you're scaling up with multiple hires, seeking a game-changing executive, or building out a brand-new squad, our f... Know more
Related Jobs
- Company Name
- British Heart Foundation
- Job Title
- Information Security Manager
- Job Description
- Location: Dual - London office & home Salary Details: £59,000 - £62,000 p/a + benefits Hours Per Week: 35 Closing Date: 31 Mar 2025 Vacancy type: Permanent Are you an Information Security expert looking to work for one of the UK's largest charities? British Heart Foundation (BHF) is undergoing a digital transformation and seeking an Information Security Manager to oversee Governance, Risk, and Compliance (GRC) within the security team and ensure regulatory and policy compliance. Joining a dynamic and growing information security team at an exciting point in the charities history you’ll collaborate with teams across British Heart Foundation (BHF) to protect BHF’s objectives and integrity. Responsibilities include risk identification, assessment, mitigation, and maintaining a robust governance framework. Managing the Information Security GRC team, you'll enhance security, compliance, and risk posture in line with industry standards while maintaining ethical practices. Working arrangements This is a blended role, where your work will be dual located between your home and our London office. At BHF we believe in the power of being together, so our colleagues on blended contracts can expect to spend some time in their office, at least one day each week, on average. The use of our office spaces is driven in part by your role and the activities you need to do. This may vary from time to time, so you will need to work in a flexible way to unlock your best work for our cause. About you This opportunity would suit an experienced GRC professional who excels in a collaborative environment and has hands-on risk management and reporting experience. With previous experience managing and leading an InfoSec GRC team, you’ll have strong knowledge and experience of working with the following: • Payment Card Industry Data Security Standard (PCI-DSS) for a Tier 1 merchant • General Data Protection Regulation (GDPR) • NIST Cybersecurity Framework (CSF) v2.0 • Critical Security Controls Libraries such as CIS Controls • Cyber Essential Plus (CEP) With proven experience in managing and delivering complex GRC activities within a fast-paced and dynamic security domain, you’ll have previous experience of working within a risk management framework as well as Cloud Security governance. To be successful in this role you’ll also have the following skills and experience: • Effective at building relationships across a large complex organisation and influencing stakeholders. • Excellent communication and presentation skills, able to translate complex security-related matters into terms that are easily understood by colleagues. • Planning skills to develop a governance risk and compliance roadmap to be executed by the GRC team. • Excellent analytical and problem-solving skills. • Able to manage multiple tasks and meet deadlines in a fast-paced environment. About us At BHF, we are focused on the urgent need to fund more research into heart and circulatory diseases like heart diseases, stroke, vascular dementia and the conditions that cause them, to find answers fit for 21st century challenges. We are independent, have more than fifty years of breakthroughs under our belts and we won’t stop until we beat heartbreak forever. We value and respect every individual’s unique contribution, celebrate diversity, and make inclusion part of what we do every day. Our Equality, Diversity and Inclusion (EDI) Strategy, Igniting Change, along with our internal EDI group, Kaleidoscope, and a growing number of employee network groups (our Affinity Groups), help us create an environment where all our colleagues and volunteers can succeed. How to apply It’s quick and easy to apply for a role at BHF. Just click through to our careers site to apply. All you’ll need is an up-to-date CV and a supporting statement, outlining your interest in the role and how you meet the role’s criteria. As part of our commitment to be an inclusive employer and ensure fairness and consistency in selecting the best candidate for this role, the BHF will use anonymous CV software as part of the application journey. Should you need any adjustments to the recruitment process, at either application or interview, please contact us.
- Company Name
- Nottingham University Hospitals NHS Trust
- Job Title
- Data Protection & Security Manager
- Job Description
- Are you looking to make a difference and use your leadership and coaching skills? Then we want to hear from you as we have an excellent opportunity for you. We need experts in Data Protection and Security to help the Trust deliver an excellent Data Protection Office service. You probably know the NHS is one of the largest employers in the UK and EU and it needs you. In return this role can offer you a fantastic opportunity for you to learn, grow and develop whilst being supported by experienced leaders within this field. We’ve recently undertaken a full workforce change across the Data Protection Office service and are seeking strong, visible and competent leaders who can use their knowledge, skills and abilities to coach a team of staff to learn, develop and grow to achieve shared service wide objectives. In addition to the brief list below you must familiarise yourself with the full job description and person specification attached to this advert prior to applying. The post holder will be an experienced leader and specialist in relation to data protection, security, confidentiality, line management, service delivery and records managements. Responsible for the day to day management of the Data Protection Office / service. Lead and promote data protection and security awareness and provide advice and guidance to the Trust, Employee’s and Management in relation to the organisation achieving compliance with Data Protection Legislation. Provide Information Governance support in relation to commercial, informatics, and research projects. Provide first line support for all data protection and security enquiries. Including commercial, data analytics and research to the Trust. Such as contracts and procurement process and due diligence, ISA, DPA, DPIAs and DTAC. Work with managers, Heads of Service and Directors of operations to identify any new working practices required and to support the change programme to implement these utilising a Privacy by Design process. Ensure Continuous Professional Development (CPD) of self and supervisee’s. Provide expert advice to the Trust in relation to relevant Information Security / Cyber Security frameworks such as ISO27001 compliance but not limited too. Keeping themselves up to date with relevant frameworks. The post requires a mix of on-site and home working to suit the needs of our service. Typically, one or two days a week depending on the service needs. The service has an agile working approach and planned meeting schedules so the entire service can plan accordingly their home and work life balance accordingly. With over 20,000 staff, we are one of the biggest employers in the city with a central role in supporting the health and wellbeing of our local population. We play a leading role in research, education and innovation. Come and join our wonderful team at NUH. We are big believers in diversity and welcome new ideas to help develop our team in order to deliver world class healthcare to the vast patient populations we serve. With endless personal development opportunities available, at NUH we will endeavour to turn your job into a career! We particularly welcome applications from people who identify as Black, Asian and Minority Ethnic, or Disabled, as we are striving to be better represented at NUH. For further details / informal visits contact: Name: Marc Wilson Job title: Head of Information Security & Data Protection Email address: marc.wilson@nhs.net Please email to arrange discussion.
- Company Name
- Bestman Solutions
- Job Title
- Application Security Engineer
- Job Description
- Security Engineer – £85,000 - £90,000 base We are partnered with a global e-commerce firm looking for a Security Engineer with strong infrastructure security experience to join their growing cybersecurity team. This role will focus on securing cloud-native environments and working closely with engineering teams to embed best practices in security across their platforms. Key Responsibilities: Secure Kubernetes, Docker, and cloud-native infrastructure, ensuring robust security configurations and best practices. Collaborate with engineering teams to design and implement security controls across CI/CD pipelines. Conduct threat modeling and security assessments for cloud and containerized environments. Define security policies, configurations, and automation processes to enhance platform security. Review infrastructure changes, providing security guidance on new deployments and enhancements. Promote Security by Design principles within development and operations teams. Key Requirements: Strong hands-on experience securing Kubernetes and Docker environments. Expertise in cloud security, ideally with AWS, GCP, or Azure. Experience with CI/CD security and automation, preferably using GitHub Actions or other frameworks. Solid understanding of network security, IAM, and infrastructure as code (Terraform preferred). Ability to assess infrastructure risks, identify vulnerabilities, and implement effective security controls. This is a great opportunity to join a fast-moving global organization that prioritizes security and innovation. The company offers an excellent benefits package and supports your professional development with training and certifications. Interested? Apply now or reach out for more details!
- Company Name
- Punk Security
- Job Title
- Junior Cyber Security Engineer
- Job Description
- PLEASE NOTE: WE CAN ONLY ACCEPT APPLCATIONS FROM UK RESIDENTS WHO HAVE LIVED IN THE UK FOR THE LAST 5 YEARS AS A MINIMUM AND ARE WILLING TO UNDERGO SECURITY EVETTING. WE ARE UNABLE TO SPONSOR VISAS. A brilliant opportunity for someone currently working in IT looking to embark on a career in Cyber Security As we continue to grow, we are looking for someone who is passionate about security to join our team as a Junior Security Engineer. You will be working to help safeguard customer environments, working alongside experienced engineers to implement, review, and manage security policies, procedures, and tooling. This role will provide extensive opportunities for career development, including penetration testing, DevSecOps and more. You will have the opportunity to develop development and DevSecOps skills through our in-house projects and tooling. As strong advocates of open-source security, we actively build and maintain tools for public use, and you'll have the chance to contribute. Why work with us? Work with a talented and supportive team in a fast-growing cybersecurity consultancy. Gain hands-on experience with real-world security challenges in cloud environments. Get involved in cutting-edge DevSecOps projects and open-source tooling. We will invest in you! This role is a fantastic opportunity to build a strong career in security by growing with the business through mentorship, professional development, and certification opportunities. Our offices are in a great location, with multiple gyms nearby and Northallerton market town centre within walking distance. Northallerton is easily accessible via train and we have free on-site parking for those travelling by car. Key responsibilities Assist in monitoring and responding to security incidents and alerts. Conduct vulnerability assessments and support security reviews of cloud and on-prem environments. Work with senior engineers to design and implement security controls. Help to develop and maintain security tools, automation scripts, and documentation. Support the implementation of security policies, procedures, and compliance standards. Stay updated on emerging security threats, trends, and best practices. Participate in team meetings, industry conferences, and training events. Support the penetration testing team where required. What we’re looking for - Essential requirements: Demonstrable passion for cybersecurity and an eagerness to learn. Knowledge of cloud platforms (AWS, Azure, or Google Cloud). Understanding of cybersecurity principles and best practices. Strong problem-solving skills and attention to detail. Excellent communication and teamwork skills. Ability to manage multiple workflows and personal time. Full UK driving license. Experience working in an IT Support position or similar MUST BE A UK CITIZEN HAVING RESIDED IN THE UK FOR MINIMUM OF THE LAST YEARS (due to security vetting requirements). Preferred - Nice to have but not essential: Industry certifications (CompTIA Security+, AWS Certified Security – Specialty, etc.). Proficiency in at least one programming or scripting language (Python, JavaScript, Bash, etc.). Degree in Computer Science, Cybersecurity, or a related field. Experience with Infrastructure as Code (Terraform, CloudFormation, etc.). Knowledge of security frameworks and standards (NIST, ISO, etc.). What We Offer Regular salary reviews & performance-based bonuses (discretionary). Private medical cover (including spouse & dependents under 18). Flexible work options. Opportunities for career growth, training, and certifications. A supportive, inclusive, and collaborative team culture. The chance to work on exciting and impactful security challenges. We are an Armed Forces Covenant signed business, supporting veterans and reservists. Opportunities for public speaking and industry engagements. We are committed to breaking down barriers to entry in cybersecurity. If you’re passionate about security but don’t meet every listed nice to have, we still encourage you to apply! If you require adjustments to be made throughout the recruitment process, please let us know. This role has a starting salary of £25,000.00-£30,000.00 per year depending on experience.