Application Security Engineer - UK Remote - £60,000–£90,000
Opus have recently partnered with a leading organisation specialising in the development of Digital Product development across the globe. Our client is looking for an experienced Application Security Engineer to join a them at the forefront of digital product development. This is a high impact role where you’ll shape, strengthen, and scale application security across a diverse product ecosystem used by millions.
You’ll work closely with engineering, product, and platform teams to embed secure by design principles, improve security maturity, and ensure our clients digital products remain robust, resilient, and trusted.
This position is ideal for someone who wants to stay deeply technical while also having a clear pathway to progress into either a Technical AppSec Lead role or team management in the future.
What You’ll Do
* Lead and enhance application security practices across multiple digital product teams.
* Conduct threat modelling, secure design reviews, and architecture assessments.
* Perform hands‑on security testing, including code reviews, SAST/DAST tuning, and vulnerability analysis.
* Partner with engineering teams to guide secure coding practices and remediation strategies.
* Develop and maintain security tooling, automation, and CI/CD integrations.
* Contribute to security standards, policies, and best practices across the organisation.
* Support incident response activities related to application‑level vulnerabilities.
* Champion a security‑first culture and help uplift security awareness across product and engineering teams.
What We’re Looking For
* Prior experience as an Application Security Engineer within the digital products space such as SaaS, consumer apps, platforms, e‑commerce, or similar.
* Strong understanding of modern application architectures (microservices, APIs, cloud‑native). Hands on experience with secure coding, code review, and common vulnerability classes (OWASP Top 10, SANS CWE).
* Experience with AppSec tooling such as SAST, DAST, SCA, container scanning, and secrets detection.
* Experience building or maintaining internal security tooling.
* Knowledge of DevSecOps practices and CI/CD security automation.
* Exposure to threat modelling frameworks (STRIDE, PASTA, etc.).
Why Join our client?
* Work fully remote from anywhere in the UK.
* Join a mature, well established digital products organisation with strong engineering culture.
* Make a real impact on security strategy and technical direction.
* Choose your progression path:
* Stay hands on and grow into a Technical AppSec Lead, or
* Move into team leadership/management as the function expands.
* Competitive salary (£60k–£90k) depending on experience.