About The Company
Hargreaves Lansdown (HL) is the UK's leading investment platform for private investors, based in Bristol. With over 40 years of experience, HL has established itself as a trusted provider dedicated to helping individuals save, invest, and plan for a better financial future. The company prides itself on delivering exceptional service, innovative solutions, and fostering a workplace culture rooted in core values such as service, quality, and opportunity. HL continuously strives to empower its clients through cutting-edge technology and a commitment to excellence, making investing accessible and straightforward for all.
About The Role
We are seeking a skilled Application Security Engineer to join our dynamic team at HL. In this pivotal role, you will be responsible for enhancing the security posture of our products and services by embedding security practices across the Software Development Lifecycle (SDLC). Collaborating closely with Engineering and security teams, you will develop and implement security tooling strategies, automate security assurance processes, and provide expert guidance on vulnerabilities, threats, and risk mitigation. This position offers an excellent opportunity to influence how HL builds secure, reliable products at pace, fostering a culture of 'Secure by Design.' Your efforts will directly contribute to safeguarding our clients' data and ensuring the integrity of our digital offerings.
Qualifications
* Experience with SAST, SCA, and DAST tools such as Snyk, GitLab Ultimate Application Security, Rapid7
* Proficiency with API scanning tools like Salt and 42Crunch
* Strong understanding of vulnerability scoring frameworks such as CVSS and EPSS
* Ability to code in at least one programming or scripting language (e.g., Python, JavaScript/TypeScript)
* Knowledge of software development languages, frameworks, and build/deploy tools such as GitLab CI/CD, Harness, Jenkins
* Hands-on experience with cloud platforms including AWS and Azure
* Familiarity with security vulnerabilities and emerging threats
* Experience working in Agile environments with excellent organizational skills
* Ability to communicate technical risks effectively to non-technical stakeholders
* Experience in integrating security tools into CI/CD pipelines
* Knowledge of developer-focused Security Champion programs is desirable
* Experience in vulnerability triage, false positive analysis, and risk mitigation
Responsibilities
* Design and implement automated security testing solutions and vulnerability scanning within the SDLC
* Support the Application Security Lead in defining security strategies, selecting appropriate tools, and evaluating technologies
* Conduct proof of concept testing for new security tools to support agile sprints
* Lead the rollout of security tooling across engineering teams, ensuring seamless integration into existing processes
* Maintain and optimize security tools, monitoring their effectiveness through dashboards and reports
* Perform vulnerability triage, identify false positives, and advise on mitigation strategies and risk management
* Promote security testing as an integral part of the delivery pipeline, advocating shift-left security practices
* Build strong partnerships with engineering teams and the CISO function to improve security workflows
* Prioritize tasks, meet deadlines, and provide regular progress updates to stakeholders
* Support and enable developer security champions through training and awareness programs
Benefits
* Discretionary annual bonus and annual pay review
* 25 days holiday plus bank holidays and an additional Christmas closure day
* Option to purchase up to 5 additional holiday days during the benefits window
* Flexible working arrangements, including hybrid working options
* Enhanced parental leave provisions
* Pension scheme with up to 11% employer contribution
* Income protection and life insurance coverage (4x salary)
* Private medical insurance (role-dependent)
* Health care cash plans covering optical, dental, and outpatient care
* Health screening programs
* Confidential support services, including mental health counselling and remote GP access
* Wellhub access for fitness and wellness coaching
* Travel schemes with bike storage and shower facilities
* In-house barista and deli with subsidized coffee and sandwiches
* Two paid volunteering days annually
Equal Opportunity
Hargreaves Lansdown is committed to creating an inclusive environment and is proud to be an equal opportunity employer. We value diversity and encourage applications from all qualified individuals regardless of race, religion, gender, sexual orientation, national origin, disability, or age.